Car Hacking: You Cannot Have Safety without Security

Pierluigi Paganini March 03, 2014

Introduction to the article “Car Hacking: You Cannot Have Safety without Security” published by the Infosec Institute. Means, Methods and Countermeasures.

Car hacking is a topic increasingly discussed by the media and within the security community, it is crucial to understand the level if security offered by vehicles due the effects of the massive introduction of technology in our vehicles is car hacking. The term refers to the possibility that an attacker can gain complete control of the technological components within our cars.

Modern cars contain upwards of 50 electronic control units (ECUs) that exchange data within an internal network. The safety of the automobiles relies on near real time communication between the different ECUs for predicting crashes, performing anti-lock braking, and much more.

Recently, Charlie Miller, one of the most popular hackers, demonstrated working with Chris Valasek, director of security intelligence at IOActive, the possibility to hack a car by breaking into the control system of the vehicles.

Cars are complex systems composed of numerous intelligence components that control different functions of the vehicle. The massive introduction of electronics requests a serious approach to the overall security of those parts.

“Automotive computers, or Electronic Control Units (ECU), were originally introduced to help with fuel efficiency and emissions problems of the 1970s but evolved into integral parts of in-car entertainment, safety controls, and enhanced automotive functionality.

This presentation will examine some controls in two modern automobiles from a security researcher’s point of view. We will first cover the requisite tools and software needed to analyze a Controller Area Network (CAN) bus. Secondly, we will demo software to show how data can be read and written to the CAN bus.

“Then we will show how certain proprietary messages can be replayed by a device hooked up to an ODB-II connection to perform critical car functionality, such as braking and steering.Finally, we’ll discuss aspects of reading and modifying the firmware of ECUs installed in today’s modern automobile,” reports an abstract related to the presentation done at the Black Hat security conference in August 2013.

Hackers and cyber experts are exploiting the possibility to exploit security vulnerabilities to interact directly with principal components of a vehicle, including braking and steering.

Electronic Control Units (ECUs) and Controlled Area Network (CAN)

Majority of the attacks are based today on “interferences” operated through the Controlled Area Network, the entry door for modern car hacking. Electronic Control Units communicate together on one or more bus, based on the Controlled Area Network standard, so hackers are developing methods to modify the ordinary behavior.

The CAN bus (controller area network) is the standard in the automotive industry, designed to allow data exchange between ECU and devices within a vehicle without a host computer. The CAN bus is also used in other industries, including aerospace and industrial automation.

In the automotive, ECUs exchange CAN packets, and every packet is broadcasted to all the elements on the same bus, this means each node can interpret it. The principal problem is that packets lack a sender ID and the protocol doesn’t implement an efficient authentication mechanism. This means that attackers can capture every packet, spoof the sender ID, and authenticate itself to the ECU, which does not correctly check the identity of the sender ID.

The CAN protocol implements two different message frame formats: base frame format and the extended frame format. The only difference between the two formats is that the first one supports a length of 11 bits for the identifier, while the extended format supports a length of 29 bits for the identifier, made up of the 11-bit identifier (“base identifier”) and an 18-bit extension (“identifier extension”).

CAN standard implements four types of frames:

  • Data frame: a frame containing node data for transmission
  • Remote frame: a frame requesting the transmission of a specific identifier
  • Error frame: a frame transmitted by any node detecting an error
  • Overload frame: a frame to inject a delay between data and/or remote frame

Figure 2 – CAN frame format (Wikipedia)

CAN is a simple low level protocol that doesn’t implement any security features. The security must be implemented at a higher level; applications are responsible for implementation of security mechanisms.

“Password mechanisms exist for data transfer that can modify the control unit software, like software download or ignition key codes, but usually not for standard communication.”

A hacker sending specifically crafted packets to target ECUs on the CAN could be able to modify their behavior or totally reprogram the units.

The State of the Art for Car Hacking

Today’s vehicles are equipped with connected computers that could be exploited by an attacker for various purposes. To prevent similar offenses, US auto-safety regulators decided to start a new office focusing on these categories of cyber threats.

“These interconnected electronics systems are creating opportunities to improve vehicle safety and reliability, but are also creating new and different safety and cyber security risks,” declared David Strickland, head of the National Highway Traffic Safety Administration.

Car hacking could be conducted to exploit new generation vehicles that are even more connected to the Internet, with each other and to wireless networks. We have to consider the fact that numerous companies are starting to think of cars as a node of an immense network that is able to acquire information from the environment to provide data useful for many services for the population of smart cities. Modern vehicles are equipped with sophisticated controllers that manage in real time an impressive amount of information. The controller of a luxury car has more than 100 million lines of computer code, while software and electronics account for 40% of the cost of the car. Every technological component in a vehicle and communication channel could be attacked by cyber criminals.

What are the principal methods to hack a car?

The most accredited methods of attacks are:

  • Exploit of Telematics System. The vehicles are equipped with systems that allow them to communicate with a remote center to pass their position, and in the future a growing number of car manufacturers could also provide telemetry services for a remote diagnostic that could prevent accidental crash and electronic fault. Today, hackers theoretically could already exploit similar systems installed on the car, for example an anti-theft system that remotely arrests a stolen vehicle. Once access to a vehicle is obtained, the attackers could interact with every component on the car through the CAN bus and modify their parameters.
  • Malware exploits – The attackers could infect some of car components, modifying their behavior. A malware could be injected in different ways, for example, using a USB stick inserted into MP3 reader or a wireless technology (WiFi or Bluetooth).
  • Unauthorized Applications – Cars are equipped with on board computers that can execute or download applications. Also for cars, these applications could be provided by malicious and unauthorized third-parties. Let’s think of the update of any software on-board; an attacker could provide malicious code to the car “masqueraded” as an update and to execute in this way unauthorized software with needed privileges.
  • OBD – specifically written software could exploit the OBD-II (On-board diagnostics) port for their installation. Once the connector is accessed via the CAN bus, it is possible to monitor every component connected to it.
  • DOOR LOCKS and KeyFobs – an attacker could emulate the presence of access code used by these two systems. In this way he could control locks and start/stop for car engines.

Let me suggest the reading of the complete and original topic I have written for the Infosec Institute, it includes real data on the principal attacks conducted by hacking community and possible countermeasures suggested

Refer Car Hacking: You Cannot Have Safety without Security

 

Pierluigi Paganini

(Security Affairs –  car hacking, security)



you might also like

leave a comment