Wireless tire pressure monitoring systems in cars may compromise privacy, pose security threat

Aug 12, 2010

New wireless technologies in cars may compromise a driver's privacy and pose a security threat, warn researchers at Rutgers University.

Modern automobiles are increasingly equipped with wireless sensors and devices, such as systems that monitor air pressure inside tires and trigger dashboard warnings if a tire's pressure drops. The Rutgers researchers have shown that these wireless signals can be intercepted 120 feet away from the using a simple receiver despite the shielding provided by the metal car body.

Since signals in tire pressure monitoring systems (TPMS) include unique codes from each wheel sensor, this raises concerns that drivers' locations could be tracked more easily than through other means, such as capturing images of license plates.

The Rutgers researchers and their collaborators at the University of South Carolina are presenting results of their work this week at the USENIX Security Symposium, one of the premiere academic computer security conferences. The researchers are experts in wireless communication and computer networking security.

TPMS wireless transmissions also lack security protections common in basic computer networking, such as input validation, or authentication. The researchers demonstrated how a transmitter that mimics, or "spoofs," the sensor signal can easily send false readings and trigger a car's dashboard warning display. This could prompt a driver into stopping his or her car when there is actually nothing wrong with the tires.

"We have not heard of any security compromises to-date, but it's our mission as privacy and security researchers to identify potential problems before they become widespread and serious," said Marco Gruteser, associate professor of electrical and computer engineering and a member of the university's Wireless Information Network Laboratory (WINLAB).

He notes that tire pressure monitoring is the first widespread use of in-car wireless networking, and because of the increasing cost and complexity of wired electronic systems, it's reasonable to expect other aspects of automobile operation to come under wireless control.

"A spoofed signal could potentially cause serious safety concerns if stability control or anti-lock braking systems relied on the data," he said. "So we are sounding the alarm right now."

Gruteser acknowledged that intercepting and spoofing signals is not a casual effort. But the fact that people with college-level engineering expertise could carry out those actions using publicly available radio and computer equipment costing a few thousand dollars shows that systems are vulnerable.

Tire pressure monitoring was widely implemented starting around 2000 using systems that measure and compare wheel rotation speeds. A mismatch infers that a tire is underinflated. This method wasn't accurate enough to meet U.S. regulatory requirements that took effect later in the decade, so automakers started installing systems that directly monitor air pressure inside the tires and transmit that information to a control unit. The two systems that Rutgers examined are commonly used in vehicles manufactured during the past three years.

"While we agree this technology is essential for driver safety, more can be done to improve security, such as using input validation or encryption," said Wade Trappe, a collaborator on the project who is an associate professor of electrical and computer engineering and associate director of WINLAB.

The researchers' South Carolina collaborators, led by Wenyuan Xu, a former doctoral student at WINLAB and now an assistant professor at the University of South Carolina, were able to intercept a signal more than 30 feet from the car using a simple antenna and more than 120 feet away by adding an amplifier. They were able to analyze the radio signal and reverse-engineer the code using common laboratory instruments. With that knowledge, they built a transmitter that spoofed a sensor's wireless message.

In tests using their own cars, the researchers were able to send false signals from one car and trigger a "low tire pressure" light in another while driving next to each other at 35 miles per hour. They were also able to trigger the dashboard "check tire pressure" light while driving next to each other at 65 miles per hour.

The researchers also found that at least one tire pressure system could be damaged through spoofed wireless signals.

Explore further: CU-Boulder leads international unmanned aircraft testing event at Pawnee Grassland

Related Stories

Automatic tire pressure maintenance system

May 19, 2005

The National Nuclear Security Administration's Sandia National Laboratories recently provided three engineering concepts to small business owner Dale Petty for a gadget that keeps car tires inflated to the right pressure. ...

Infineon Introduces Three New Automotive Electronics Sensors

Jun 11, 2004

Munich, Germany and Detroit, Michigan, USA – June 8, 2004 – At the Sensors Conference and Expo, Infineon Technologies (FSE/NYSE: IFX) announced three new sensor products for automotive safety applications. The new sensor ...

Wireless drug control

Feb 06, 2009

Electronic implants that dispense medicines automatically or via a wireless medical network are on the horizon. Australian and US researchers warn of the security risks in a forthcoming issue of the International Journal of ...

NIST Measures Challenges for Wireless in Factories

Aug 31, 2007

Factories have much to gain from wireless technology, such as robot control, RFID tag monitoring, and local-area network (LAN) communications. Wireless systems can cost less and offer more flexibility than cabled systems. ...

Recommended for you

Lawsuits challenge US drone, model aircraft rules

10 hours ago

Model aircraft hobbyists, research universities and commercial drone interests filed lawsuits Friday challenging a government directive that they say imposes tough new limits on the use of model aircraft ...

For secure software: X-rays instead of passport control

Aug 21, 2014

Trust is good, control is better. This also applies to the security of computer programs. Instead of trusting "identification documents" in the form of certificates, JOANA, the new software analysis tool, examines the source ...

Razor-sharp TV pictures

Aug 21, 2014

The future of movie, sports and concert broadcasting lies in 4K definition, which will bring cinema quality TV viewing into people's homes. 4K Ultra HD has four times as many pixels as today's Full HD. And ...

User comments : 2

Adjust slider to filter visible comments by rank

Display comments: newest first

JeffJohnson17
not rated yet Aug 12, 2010
I would be more worried about something like say a GPS system that tracks your every move. On* is big brother on board.
Raygunner
not rated yet Aug 13, 2010
Larger cities (i.e. Chicago) are using a "mesh" type of radio system to cover the city and seamlessly move data around for surveillance, hidden camera video, audio monitoring, etc. This system (based on military technology more than 10 years old) could easily track the wireless TX from car tire sensors into every nook and cranny around the city and pinpoint a car's location to within a few feet (same as cell phones - no GPS required). As we move towards a society where privacy is forbidden it will be a matter of months, less than a year, before a "backdoor" code is required by the government - if it isn't already - to allow officials to stop a car by remote command. And when the hackers get this they could broadcast a "kill" command that could stop all vehicles within this network, possibly the entire nation. Wouldn't that be a hoot! Not the Brave New World that we envisioned, eh? No, I'm not paranoid - at least I don't think I am.