Cars’ Computer Systems Called at Risk to Hackers

Automobiles, which will be increasingly connected to the Internet in the near future, could be vulnerable to hackers just as computers are now, two teams of computer scientists are warning in a paper to be presented next week.
The scientists say that they were able to remotely control braking and other functions, and that the car industry was running the risk of repeating the security mistakes of the PC industry.
“We demonstrate the ability to adversarially control a wide range of automotive functions and completely ignore driver input — including disabling the brakes, selectively braking individual wheels on demand, stopping the engine, and so on,” they wrote in the report, “Experimental Security Analysis of a Modern Automobile.”
In the paper, which will be presented at a computer security conference next week in Oakland, Calif., computer security specialists at the University of Washington and the University of California, San Diego, report that while modern cars have extensive safety engineering in the design of their computer control systems, little thought has been given to the potential threat of hackers who may want to take over the networks that increasingly control modern cars.
“We noticed the extent to which automobiles were becoming computerized,” said Stefan Savage, a computer scientist at U.C.S.D. who was a member of one of two groups that have been studying the electronic control units of two different cars to look for network vulnerabilities that could be exploited by a potential attacker. “We found ourselves thinking we should try to get in front of this before it suddenly becomes an issue.”
The researchers, financed by the National Science Foundation, tested two versions of a late-model car in both laboratory and field settings. They did not identify the maker or the brand of the car, but said they believed they were representative of the computer network control systems that have proliferated in most cars today.
The researchers asked what could happen if a hacker could gain access to the network of a car, said Tadayoshi Kohno, a University of Washington computer scientist. He said the research teams were able to demonstrate their ability to circumvent a wide variety of systems critical to the safety of drivers and passengers.
They also demonstrated what they described as “composite attacks” that showed their ability to insert malicious software and then erase any evidence of tampering after a crash.
The researchers were able to activate dozens of functions, almost all of them while the car was in motion.
Wireless connections are increasingly becoming available in a wide range of automobiles. For example, services like the OnStar system from General Motors now report vehicle position and diagnostic information to the manufacturer. The system can permit communications between passengers and emergency personnel in the event of a crash and can enable authorized OnStar personnel to remotely unlock cars and stop them for purposes of theft recovery.
“Taken together, ubiquitous computer control, distributed internal connectivity, and telematics interfaces increasingly combine to provide an application software platform for external network access,” the researchers write. “There are thus ample reasons to reconsider the state of the vehicular computer security.”
The researchers said they did not address the question of the defenses the cars might have against remote access, but said the experience of the PC industry, which did not have extensive security problems until computers became networked, was worth remembering.
“To be fair, you should expect that various entry points in the automotive environment are no more secure in the automotive environment than they are in your PC,” Mr. Savage said.
Although there has been widespread speculation about the role of software-controlled systems in the safety crisis that Toyota has faced this year, the researchers said they were not exploring the general issue of the safety of computerized systems, only the issues related to network security.
