Beware of Hackers Controlling Your Automobile

May 18, 2010 by John Messina report
GMC's Yukon hybrid, control software logic analyzes hundreds of inputs every 10 milliseconds, including vehicle load, engine operations, battery parameters, and the temperatures in the high-voltage electric components. Credit: GMC

(PhysOrg.com) -- A team of researchers led by Professor Stefan Savage from the University of California, San Diego and Tadayoshi Kohno from the University of Washington set out to see what it would take to control an automobile’s electronic control units (ECUs); what they found out may surprise you.

The researchers focused their attacks of the automobile’s ECUs which are located all over a vehicle and control the workings of many car components. The hackers created software called ‘CarShark’ to monitor communications between the ECUs and used fake packets of data to carry out the attack.

Access to the automobile’s was done through the computer’s access port that is standard among cars and used by mechanics to diagnose car’s performance before servicing.

The researchers launched a series of attacks against the automobile’s ECUs in a moving and stationary vehicle to determine how much control they could have on the car.

The researchers stated; "We are able to forcibly and completely disengage the brakes while driving, making it difficult for the driver to stop. Conversely, we are able to forcibly activate the brakes, forcing the driver forward and causing the car to stop suddenly."

The researchers found that practically every system in the car, such as brakes, light, engine, cooling, instrument panel, radio, and door locks, were vulnerable to attack.

The conclusion the team came to is that the vehicle’s software was “fragile” and easy to sabotage. In some cases simply sending imperfect packets of data, rather than specific control code, was enough for triggering a response from the vehicle.

Hacking into an automobile’s computer system is nothing new and has been happening since car computers systems have appeared. Typically hacking into a vehicle’s wireless key system or a ’s ECUs to boost has been happening for years.

As technology advances in automobiles, the risk grows greater that hackers will one day develop a means of getting into a vehicle’s control system remotely that will cause serious safety concerns.

Explore further: Mapping drone prompts China to scramble fighter jets: report

More information: Experimental Security Analysis of a Modern Automobile

Related Stories

The automobile of the future on the way

Jan 21, 2005

ROBOTIKER-TECNALIA Technological Centre is currently developing the project known as TANGER (Technologies for New Generation Automobiles). These technologies will integrate novel and innovative solutions into new automotive ...

Smart cars to rule the roads

Jul 14, 2006

It's been more than 20 years since Knight Rider hit the airwaves, but the next generation of KITT-style cars may be seen on freeways very soon. The next generation of autonomous "smart cars" is now on the agenda for both ...

Spacecraft dockings improve car assembly

Jan 20, 2010

(PhysOrg.com) -- The next car comes down the conveyor belt ready for the dashboard to be added. Speed and position are controlled as if it were a spacecraft docking automatically with the International Space ...

Recommended for you

Government ups air bag warning to 7.8M vehicles (Update)

20 hours ago

The U.S. government is now urging owners of nearly 8 million cars and trucks to have the air bags repaired because of potential danger to drivers and passengers. But the effort is being complicated by confusing ...

HP supercomputer at NREL garners top honor

Oct 21, 2014

A supercomputer created by Hewlett-Packard (HP) and the Energy Department's National Renewable Energy Laboratory (NREL) that uses warm water to cool its servers, and then re-uses that water to heat its building, has been ...

User comments : 12

Adjust slider to filter visible comments by rank

Display comments: newest first

jimbo92107
5 / 5 (1) May 18, 2010
"...what they found out may surprise you."

Really? It should surprise me that hackers with unfettered access to a car's computer modules should be able to screw up the car's operation? I could do worse with a bucket of sand and a pound of sugar.

If this article argues for anything, it's better locks. Meanwhile, don't create a traffic system that depends on centralized radio control. Now, if a hacker could generate bogus GPS signals, that would cause some serious havoc...
theophys
not rated yet May 18, 2010
BE AFRAID!!!
FEAR!!!
NEVER DRIVE AGAIN!!!
dtxx
3 / 5 (2) May 18, 2010
I think what is supposed to be shocking is the unprecedented level of control the computer systems have over the vehicle combined with their ease of access.

Sure you could compromise the control system on say first gen ABS cars. But you'd probably need a jack and some wrenches. This is something a passenger could potentially even connect, and with wireless broadband etc., the enabling factors are now there for a real "remote control car" scenario.
gunslingor1
not rated yet May 18, 2010
haha, I'm not surprise at all.. this has been possible for years.
gwrede
3.7 / 5 (3) May 18, 2010
Hmmm. An alternative to cutting the brake tubes in your rich wife's car? Set to activate the next time she's on her way to the in-laws.
physpuppy
5 / 5 (1) May 18, 2010
Difference here is that cutting tubes or using some sugar (you can use quite a bit less than a pound to wreck havoc :-)) will leave some sort of trace that tampering has occurred. Plus you need physical access to the car.

This sort of tampering could be performed remotely and it is possible for the saboteur to cover his/her tracks - leaving the liability to the driver.
trekgeek1
not rated yet May 18, 2010
I'll be worried when they do it wireless. If they had access to your computer, they could have just cut the breaks.
plasticpower
not rated yet May 18, 2010
I know of a simpler way to sabotage brakes on a car. It's called cutting the brake line by reaching your hand around the wheel.
Skepticus
3 / 5 (2) May 18, 2010
Now the enemies of the state or corporations will have a much better chance of driving off a cliff with no brakes at full throttle...
CSharpner
not rated yet May 18, 2010
Gee, I wonder if it could make a car accelerate out of control? :)
MikeLisanke
not rated yet May 19, 2010
I wonder if it is typical to look for this type of tamper in routine accident forensics?
fossilator
5 / 5 (1) May 19, 2010
Will Symantec release an automotive antivirus? What will be the mileage hit if installed?