Beware of Hackers Controlling Your Automobile

May 18, 2010 by John Messina, report

GMC's Yukon hybrid, control software logic analyzes hundreds of inputs every 10 milliseconds, including vehicle load, engine operations, battery parameters, and the temperatures in the high-voltage electric components. Credit: GMC
( -- A team of researchers led by Professor Stefan Savage from the University of California, San Diego and Tadayoshi Kohno from the University of Washington set out to see what it would take to control an automobile’s electronic control units (ECUs); what they found out may surprise you.

The researchers focused their attacks of the automobile’s ECUs which are located all over a vehicle and control the workings of many car components. The hackers created software called ‘CarShark’ to monitor communications between the ECUs and used fake packets of data to carry out the attack.

Access to the automobile’s was done through the computer’s access port that is standard among cars and used by mechanics to diagnose car’s performance before servicing.

The researchers launched a series of attacks against the automobile’s ECUs in a moving and stationary vehicle to determine how much control they could have on the car.

The researchers stated; "We are able to forcibly and completely disengage the brakes while driving, making it difficult for the driver to stop. Conversely, we are able to forcibly activate the brakes, forcing the driver forward and causing the car to stop suddenly."

The researchers found that practically every system in the car, such as brakes, light, engine, cooling, instrument panel, radio, and door locks, were vulnerable to attack.

The conclusion the team came to is that the vehicle’s software was “fragile” and easy to sabotage. In some cases simply sending imperfect packets of data, rather than specific control code, was enough for triggering a response from the vehicle.

Hacking into an automobile’s computer system is nothing new and has been happening since car computers systems have appeared. Typically hacking into a vehicle’s wireless key system or a ’s ECUs to boost has been happening for years.

As technology advances in automobiles, the risk grows greater that hackers will one day develop a means of getting into a vehicle’s control system remotely that will cause serious safety concerns.

Explore further: Automobile control research opens door to new safety features (w/ Video)

More information: Experimental Security Analysis of a Modern Automobile

Related Stories

The automobile of the future on the way

January 21, 2005

ROBOTIKER-TECNALIA Technological Centre is currently developing the project known as TANGER (Technologies for New Generation Automobiles). These technologies will integrate novel and innovative solutions into new automotive ...

Smart cars to rule the roads

July 14, 2006

It's been more than 20 years since Knight Rider hit the airwaves, but the next generation of KITT-style cars may be seen on freeways very soon. The next generation of autonomous "smart cars" is now on the agenda for both ...

Spacecraft dockings improve car assembly

January 20, 2010

( -- The next car comes down the conveyor belt ready for the dashboard to be added. Speed and position are controlled as if it were a spacecraft docking automatically with the International Space Station. Invented ...

Recommended for you

Pushing lithium ion batteries to the next performance level

December 13, 2018

Conventional lithium ion batteries, such as those widely used in smartphones and notebooks, have reached performance limits. Materials chemist Freddy Kleitz from the Faculty of Chemistry of the University of Vienna and international ...

Uber filed paperwork for IPO: report

December 8, 2018

Ride-share company Uber quietly filed paperwork this week for its initial public offering, the Wall Street Journal reported late Friday.


Adjust slider to filter visible comments by rank

Display comments: newest first

5 / 5 (1) May 18, 2010
"...what they found out may surprise you."

Really? It should surprise me that hackers with unfettered access to a car's computer modules should be able to screw up the car's operation? I could do worse with a bucket of sand and a pound of sugar.

If this article argues for anything, it's better locks. Meanwhile, don't create a traffic system that depends on centralized radio control. Now, if a hacker could generate bogus GPS signals, that would cause some serious havoc...
not rated yet May 18, 2010
3 / 5 (2) May 18, 2010
I think what is supposed to be shocking is the unprecedented level of control the computer systems have over the vehicle combined with their ease of access.

Sure you could compromise the control system on say first gen ABS cars. But you'd probably need a jack and some wrenches. This is something a passenger could potentially even connect, and with wireless broadband etc., the enabling factors are now there for a real "remote control car" scenario.
not rated yet May 18, 2010
haha, I'm not surprise at all.. this has been possible for years.
3.7 / 5 (3) May 18, 2010
Hmmm. An alternative to cutting the brake tubes in your rich wife's car? Set to activate the next time she's on her way to the in-laws.
5 / 5 (1) May 18, 2010
Difference here is that cutting tubes or using some sugar (you can use quite a bit less than a pound to wreck havoc :-)) will leave some sort of trace that tampering has occurred. Plus you need physical access to the car.

This sort of tampering could be performed remotely and it is possible for the saboteur to cover his/her tracks - leaving the liability to the driver.
not rated yet May 18, 2010
I'll be worried when they do it wireless. If they had access to your computer, they could have just cut the breaks.
not rated yet May 18, 2010
I know of a simpler way to sabotage brakes on a car. It's called cutting the brake line by reaching your hand around the wheel.
3 / 5 (2) May 18, 2010
Now the enemies of the state or corporations will have a much better chance of driving off a cliff with no brakes at full throttle...
not rated yet May 18, 2010
Gee, I wonder if it could make a car accelerate out of control? :)
not rated yet May 19, 2010
I wonder if it is typical to look for this type of tamper in routine accident forensics?
5 / 5 (1) May 19, 2010
Will Symantec release an automotive antivirus? What will be the mileage hit if installed?

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.