In a widely publicized experiment two years ago, a journalist driving around St. Louis lost control of his Jeep Cherokee to white-hat hackers working from a laptop. From an apartment miles away, the hackers operated the vehicle’s air conditioner, radio and windshield wipers. The experiment then turned downright scary when the hackers disabled the accelerator on Interstate 64 — with considerable anxiety, the driver eventually coasted to a stop from a downhill freeway exit.
The incident not only generated a fascinating article in Wired Magazine, it also led to Fiat Chrysler’s recall of about 1.4 million vehicles for urgent software security upgrades. Throughout the automotive and trucking industries, cybersecurity has emerged as a leading issue in motor vehicle technology. It might also prove to be a significant obstacle to consumer and commercial confidence in the coming transition to driverless vehicles. If drivers can’t trust their onboard software systems to resist attack, the motor vehicle industry will pay a heavy price.
One survey of corporate risk managers in July 2016 found that 55 percent of the respondents saw cybersecurity issues as their biggest concern. With anywhere from 30 to 150 different digital systems on board, motor vehicles today are very highly dependent on the integrity and security of their software, especially in view of the fact that today’s cars and trucks are in constant communication with the Internet.
Growing concern about the security of automotive computer systems led the FBI and the National Highway Traffic Safety Administration to issue a joint public announcement about vehicle cybersecurity risks in March 2016. The government recommends that drivers check to see whether their vehicles are covered in a safety recall at least twice a year. Drivers are also urged to stay current with vehicle software updates, avoid unauthorized modifications to factory software, and be careful with aftermarket digital devices that connect to dashboard ports.
How Can a Hacker Take Control of a Car?
Digital command of vehicle operating systems from the radio to the drivetrain takes place through electronic control units, or ECUs, which are essentially small, limited-function computers. Today’s standard passenger cars typically have several dozen ECUs, many of which may be connected to an onboard controller area network (CAN). Unauthorized access to a networked ECU can thereby give a hacker access to any other ECU that is connected to the same CAN. That’s how the St. Louis hackers were able to control so many of the Jeep Cherokee’s operating systems.
In an earlier academic study from 2011, researchers found numerous software vulnerabilities in an unidentified standard production passenger car. The researchers identified the following as among the potential points of access for unauthorized entry and control:
• Short-range wireless access such as Bluetooth
• Long-range wireless access such as OnStar or Ford Sync
• Entertainment systems, including iPods or iPhones
• Vehicle-to-vehicle (V2V) digital communication systems
• Keyless entry and ignition systems
• Electric car charging cables
• Tire pressure monitoring systems
Having someone commandeer your brakes or acceleration is not the only risk of motor vehicle software security breaches. Your no-hands phone system can be used to eavesdrop on passenger conversations. Your driving can be monitored as to where you’ve been and when you were there. If someone hacks your routes as well as your keyless entry, your car could be stolen at a time and place of maximum convenience and minimum risk to the thief.
Security professionals are also well aware of the risk of vehicle software hacking as a potential weapon of terror. The power of a heavy truck to wreak catastrophic damage was on full display last summer in Nice, France, when a trucker-terrorist killed at least 80 people and injured hundreds more in a mile-long path of destruction. In a similar incident in Berlin last December, however, a newer truck’s advanced braking system saved many lives when it sensed the impending collision and stopped itself in 250 feet, with substantially fewer casualties.
Government and Industry Efforts to Resolve Cybersecurity Risks
The National Highway Traffic Safety Administration’s recent Federal Automated Vehicles Policy specifically mentions cybersecurity and consumer privacy as issues to be addressed in the design and testing of driverless vehicle technologies. The importance of software security in the motor vehicle industry was further underscored last year when the federal Department of Transportation and seventeen automakers created the Automotive Information Sharing and Analysis Center (Auto-Isac) to develop and share best practices about cybersecurity and other safety issues. A similar information-sharing program previously launched by the FAA and airlines was found to contribute significantly to aviation safety.
An important goal of Auto-Isac is to overcome the tight control and secrecy that automakers and software companies have maintained previously over their own research, testing and development activities. By sharing information about software vulnerabilities and solutions, the new program hopes to let the industry as a whole benefit from what each manufacturer will learn about cybersecurity in the course of its own work. This sharing of lessons learned can be expected to generate industry-wide best practices for resolving cybersecurity risks.
New outside approaches to motor vehicle software security might also pay substantial safety dividends. Researchers at the University of Nevada are working on ways to allow onboard ECUs to generate their own encryption keys rather than relying on those installed at the factory. By continually changing the access codes to critical onboard software, cars and trucks can effectively harden themselves as targets for potential hackers, thieves and terrorists. Self-generated encryption can also avoid the need for periodic security patches and updates from the factory.
The automotive industry and its software partners will necessarily intensify their efforts to improve their ability to anticipate and resolve cybersecurity issues. If they don’t, not only will driverless vehicle technologies be delayed, but consumer confidence in today’s software-dependent vehicles will be threatened, with potentially disastrous results for automaker profits.