is hacking vehicle electronic systems a potential method of stealing a car?
TRANSCRIPT
Is hacking vehicle electronic systems a potential method of stealing a car?
This study explores the potential for thieves to use computer hacking techniques to gain access to vehicle
systems. SBD examines the future of vehicle architecture and communications to identify the potential
threats of hacking a vehicle through various wired and wireless connections. Hacking is major news, and
researchers have already started to find vulnerabilities in existing systems. This report cuts through the
hype to help you gain a clear picture of what hacks can be achieved at the present and which are likely to
develop into threats in the future.
Vehicle manufacturers and systems suppliers need to consider security within the concept of new
communication systems, and to understand the capability that potential thieves will have when the vehicles
being developed now are eventually launched. This report will help prevent the exploitation of new
technologies.
Can Thieves Control My Car?Can Thieves Control My Car?
Hacking Attacks onHacking Attacks on
Vehicle Security SystemsVehicle Security Systems
SBD Secure Car ResearchSBD Secure Car Research
This report will help you to:
Gain insight into how new communications and
connectivity technologies will increase vehicle vulnerability
Examine the weaknesses in vehicle architecture to
understand how hackers could misuse them
Understand exactly what research teams have been able
to do and what methods were used
Benefit from useful pointers and solutions about future
proofing your vehicles against hacking
For additional information please email [email protected] or
telephone Alessio on +32 478 765506 and he will be happy to deal with
your enquiry.
Threats from vehicle hacking set to grow ...Threats from vehicle hacking set to grow ...
Vehicle technology and in-vehicle electronics have been fast moving developments over recent years, with modern vehicles becoming more dependent on Electronic Control Units (ECUs) to govern the majority of on-board vehicle functions. Couple this with an increased level of communication with infrastructure outside of the vehicle (off-board), and it is possible that these vehicles have now been left vulnerable to electronic hacking attacks. While these technological developments have no doubt helped to improve the performance, emissions, safety, and convenience aspects of the vehicle, computer software experts claim that the security of these connected ECUs against malicious manipulation has not been given as much consideration. Convenience systems such as navigation and remote diagnostics are often able (and are sometimes designed) to communicate with security and safety critical systems even over parallel networks. The on-board communications are not designed to prevent unauthorised access, as the wide variety of aftermarket diagnostic tools proves. Opening external channels to these vulnerable networks may give a hacker access to the vehicle’s central nervous sys tem via the CAN Bus if they could successfully break through the off-board systems or communication protocols. Research teams have already proven that vehicle hacking is possible both through wired and wireless connections to the vehicle; exerting control over systems including the engine, the brakes and the ignition.
Summary of Possible Hacking Access Routes Increasing in-vehicle electronics and wireless connectivity will only increase the opportunity for hackers to access the vehicle. Vehicle Manufacturers and Suppliers need to seriously consider the security protocols integrated into the vehicle to ensure that this level of control cannot be achieved. This report explains the current threat level and separates myth from fact regarding what thieves are currently capable of doing and what they may be capable of achieving in 7 years time with advances in vehicle architecture and advances in tools and techniques available to thieves. SBD cautiously predicts an increasing threat from this type of attack, and recommends within this report that study is made into partitioning security and safety systems from communication routes which a thief may utilise, stronger software protection within the on-board systems, and that security is considered in the initial design concept.
This report answers the following key questions:
Is vehicle hacking a threat to vehicles now?
What can be achieved once a hacking attack has successfully connected to the vehicle?
Is hacking a vehicle easy to do? What equipment/knowledge is needed?
How will the future integration of systems and the move towards open architecture change this problem?
...know what tomorrow brings...know what tomorrow brings
TABLE OF CONTENTSTABLE OF CONTENTS
1. Executive summary1. Executive summary
1.1 Introduction1.1 Introduction
1.1 Conclusions1.1 Conclusions
1.1 Recommendations1.1 Recommendations
2. Architecture Weaknesses 2. Architecture Weaknesses
2.1 Wired Connection2.1 Wired Connection
2.22.2 Wireless ConnectionWireless Connection
2.3 Vehicle Technology2.3 Vehicle Technology
2.3.1 Infotainment2.3.1 Infotainment
2.3.2 Telematics2.3.2 Telematics
2.4 Summary of Access Routes2.4 Summary of Access Routes
3. New Technology and Developments 3. New Technology and Developments
3.1 On Vehicle3.1 On Vehicle
3.2 Infrastructure3.2 Infrastructure
3.3 Theft Tools3.3 Theft Tools
4. Vehicle Hacking Attacks 4. Vehicle Hacking Attacks
4.1 Research Study 1 4.1 Research Study 1 -- Connected Vehicle Control Connected Vehicle Control
Units Units
4.2 Research Study 2 4.2 Research Study 2 –– TPMS TPMS
4.3 Research Study 3 4.3 Research Study 3 -- Police InPolice In--Car Surveillance Car Surveillance
System System
4.4 Public Hacking Incidences 4.4 Public Hacking Incidences
4.5 Summary of Successful Hacking Attacks 4.5 Summary of Successful Hacking Attacks
5. The Threat of Hacking 5. The Threat of Hacking
5.1 Why Hacking will be a Threat in the Future 5.1 Why Hacking will be a Threat in the Future
5.2 Control of the Vehicle 5.2 Control of the Vehicle
6. Secure and Protect 6. Secure and Protect
LIST OF FIGURESLIST OF FIGURES
Fig. 1 Developing CAN Architecture Fig. 1 Developing CAN Architecture
Fig. 2 Increased Connectivity of Infotainment Systems Fig. 2 Increased Connectivity of Infotainment Systems
Fig. 3 Telematics Communication Route Fig. 3 Telematics Communication Route
Fig. 4 Summary of Possible Hacking Access Routes Fig. 4 Summary of Possible Hacking Access Routes
Fig. 5 Road Train Concept Fig. 5 Road Train Concept
Fig. 6 TPMS Attack Tool Fig. 6 TPMS Attack Tool
Fig. 7 Summary of Successful Hacking Attacks Fig. 7 Summary of Successful Hacking Attacks
Fig. 8 Vehicle Hacking Threats Fig. 8 Vehicle Hacking Threats –– Present vs. Future Present vs. Future
Fig. 9 Criticality of OnFig. 9 Criticality of On--Board Vehicle Systems Board Vehicle Systems
Fig. 10 ECU Partitioning Fig. 10 ECU Partitioning –– Body Control ModuleBody Control Module
Criticality of On-Board Vehicle Systems
Low security
required
High security
required
Medium security
required
Engine
ECU
HVAC
SVR BCM
Audio
Controls
Instrument
Cluster
SOS
e-Call
Brake Management
Control Unit
CAN
Communication
The SBD Commitment ...
From technical trends reports to conducting end user surveys, SBD has over 15 years of experience of providing strategic advice, insight
and expertise to the automotive and associated industries globally.
At SBD, we help vehicle manufacturers and their suppliers bridge that gap between system design and actual market needs. Our diverse
team of experts understand global market and technical requirements and how to plan cost-effective systems for the future that
customers value and are willing to pay for.
About the report author...
Pricing:
Report Electronic pdf copy
2312 - Can Thieves Control My Car?
Hacking Attacks on Vehicle Security
Systems €2000
Craig Best (Technical Analyst – Vehicle Security)
Craig’s background is in Automotive Engineering at Loughborough University and he has a wide understanding of vehicle
design principles. He has provided extensive research on a number of SBD projects, and helps to analyse and maintain the
range of research databases. His current specialisation is in global theft statistics and vehicle technical information.
For a quotation or further information please contact
Alessio Ballatore on:
Email: [email protected]
Phone: +32 478 765506
Fax: +44 (0)1908 305 106
Related Services
Is your vehicle vulnerable to attack?
Understand the performance of your vehicle against the latest attack threats by using SBD’s testing services. With experienced, qualified
specialists in vehicle security and associated approval and test criteria, SBD can help you to future-proof and defeat actual theft methods
that would threaten your product. We already support a number of vehicle manufacturers and suppliers by providing clear strategic advice
and focused product and technology development.
To learn more about SBD’s testing and development services please contact us by email [email protected].
Related Reports
Vehicle Crime in the 21st Century and the Impact of Electronic Theft Methods
Theft patterns have shifted from small groups operating at a local level to more serious organised crime groups working
on a global scale. In addition to this, independent companies are now being granted access to vehicle security system
information for the diagnostics and repair market. SBD looks at these influences in its ground-breaking report; “Vehicle
Crime in the 21st Century and the Impact of Electronic Theft Methods” in order to stimulate the automotive and
associated industries’ awareness of changing trends and the need for new anti-theft strategies for the next-generation
vehicles.
Reference SBD/SEC/2196
High Tech Theft Series
Vehicle manufacturers and suppliers are under constant pressure to develop security systems that provide an effective
response to the rise in the use of sophisticated theft tools. So how can you keep one step ahead of thieves?
To help you understand what thieves are doing, what they are targeting and what high-tech tools they are using, SBD
have brought together three of our acclaimed vehicle theft reports. Gain a comprehensive insight into the future with
this Vehicle Theft Threats Package .