SBD Secure Car Research
Can Thieves Control My Car? Hacking Attacks on Vehicle Security Systems
Is hacking vehicle electronic systems a potential method of stealing a car? This study explores the potential for thieves to use computer hacking techniques to gain access to vehicle systems. SBD examines the future of vehicle architecture and communications to identify the potential threats of hacking a vehicle through various wired and wireless connections. Hacking is major news, and researchers have already started to find vulnerabilities in existing systems. This report cuts through the hype to help you gain a clear picture of what hacks can be achieved at the present and which are likely to develop into threats in the future. Vehicle manufacturers and systems suppliers need to consider security within the concept of new communication systems, and to understand the capability that potential thieves will have when the vehicles being developed now are eventually launched. This report will help prevent the exploitation of new technologies.
This report will help you to:
Gain insight into how new
communications and connectivity technologies will increase vehicle vulnerability
Examine the weaknesses in vehicle architecture to understand how hackers could misuse them
Understand exactly what research teams have been able to do and what methods were used
Benefit from useful pointers and solutions about future proofing your vehicles against hacking
For additional information please email
[email protected] or telephone Alessio on +32 478 765506 and he will be happy to deal with your enquiry.
Threats from vehicle hacking set to grow ... Vehicle technology and in-vehicle electronics have been fast moving developments over recent years, with modern vehicles becoming more dependent on Electronic Control Units (ECUs) to govern the majority of on-board vehicle functions. Couple this with an increased level of communication with infrastructure outside of the vehicle (off-board), and it is possible that these vehicles have now been left vulnerable to electronic hacking attacks. While these technological developments have no doubt helped to improve the performance, emissions, safety, and convenience aspects of the vehicle, computer software experts claim that the security of these connected ECUs against malicious manipulation has not been given as much consideration. Convenience systems such as navigation and remote diagnostics are often able (and are sometimes designed) to communicate with security and safety critical systems even over parallel networks. The on-board communications are not designed to prevent unauthorised access, as the wide variety of aftermarket diagnostic tools proves. Opening external channels to these vulnerable networks may give a hacker access to the vehicle’s central nervous sys tem via the CAN Bus if they could successfully break through the off-board systems or communication protocols. Research teams have already proven that vehicle hacking is possible both through wired and wireless connections to the vehicle; exerting control over sys tems including the engine, the brakes and the ignition.
Summary of Possible Hacking Access Routes
Increasing in-vehicle electronics and wireless connectivity will only increase the opportunity for hackers to access the vehicle. Vehicle Manufacturers and Suppliers need to seriously consider the security protocols integrated into the vehicle to ensure that this level of control cannot be achieved. This report explains the current threat level and separates myth from fact regarding what thieves are currently capable of doing and what they may be capable of achieving in 7 years time with advances in vehicle architecture and advances in tools and techniques available to thieves. SBD cautiously predicts an increasing threat from this type of attack, and recommends within this report that study is made into partitioning security and safety systems from communication routes which a thief may utilise, stronger software protection within the onboard systems, and that security is considered in the initial design concept.
This report answers the following key questions:
Is vehicle hacking a threat to vehicles now?
What can be achieved once a hacking attack has successfully connected to the vehicle?
Is hacking a vehicle easy to do? What equipment/knowledge is needed?
How will the future integration of systems and the move towards open architecture change this problem?
...know what tomorrow brings TABLE OF CONTENTS 1. Executive summary 1.1 Introduction 1.1 Conclusions 1.1 Recommendations 2. Architecture Weaknesses 2.1 Wired Connection 2.2 Wireless Connection 2.3 Vehicle Technology 2.3.1 Infotainment 2.3.2 Telematics 2.4 Summary of Access Routes 3. New Technology and Developments 3.1 On Vehicle 3.2 Infrastructure 3.3 Theft Tools 4. Vehicle Hacking Attacks 4.1 Research Study 1 - Connected Vehicle Control Units 4.2 Research Study 2 – TPMS 4.3 Research Study 3 - Police InIn-Car Surveillance System 4.4 Public Hacking Incidences 4.5 Summary of Successful Hacking Attacks
5. The Threat of Hacking 5.1 Why Hacking will be a Threat in the Future 5.2 Control of the Vehicle 6. Secure and Protect
LIST OF FIGURES Fig. 1 Developing CAN Architecture Fig. 2 Increased Connectivity of Infotainment Systems Fig. 3 Telematics Communication Route Fig. 4 Summary of Possible Hacking Access Routes Fig. 5 Road Train Concept Fig. 6 TPMS Attack Tool Fig. 7 Summary of Successful Hacking Attacks Fig. 8 Vehicle Hacking Threats – Present vs. Future Fig. 9 Criticality of OnOn-Board Vehicle Systems Fig. 10 ECU Partitioning – Body Control Module
Criticality of On-Board Vehicle Systems
High security required
Engine ECU Brake Management Control Unit
Medium security required
SOS e-Call BCM
HVAC
Instrument Cluster Audio Controls
Low security required
SVR
CAN Communication
The SBD Commitment ... From technical trends reports to conducting end user surveys, SBD has over 15 years of experience of providing strategic advice, insight and expertise to the automotive and associated industries globally. At SBD, we help vehicle manufacturers and their suppliers bridge that gap between system design and actual market needs. Our diverse team of experts understand global market and technical requirements and how to plan cost-effective systems for the future that customers value and are willing to pay for.
About the report author... Craig Best (Technical Analyst – Vehicle Security) Craig’s background is in Automotive Engineering at Loughborough University and he has a wide understanding of vehicle design principles. He has provided extensive research on a number of SBD projects, and helps to analyse and maintain the range of research databases. His current specialisation is in global theft statistics and vehicle technical information.
Pricing: Report
Electronic pdf copy
2312 - Can Thieves Control My Car? Hacking Attacks on Vehicle Security Systems
For a quotation or further information please contact Alessio Ballatore on:
Email:
[email protected] €2000
Phone: +32 478 765506 Fax: +44 (0)1908 305 106
Related Services Is your vehicle vulnerable to attack? Understand the performance of your vehicle against the latest attack threats by using SBD’s testing services. With experienced, qualified specialists in vehicle security and associated approval and test criteria, SBD can help you to future-proof and defeat actual theft methods that would threaten your product. We already support a number of vehicle manufacturers and suppliers by providing clear strategic advice and focused product and technology development. To learn more about SBD’s testing and development services please contact us by email
[email protected].
Related Reports Vehicle Crime in the 21st Century and the Impact of Electronic Theft Methods Theft patterns have shifted from small groups operating at a local level to more serious organised crime groups working on a global scale. In addition to this, independent companies are now being granted access to vehicle security system information for the diagnostics and repair market. SBD looks at these influences in its ground-breaking report; “Vehicle Crime in the 21st Century and the Impact of Electronic Theft Methods” in order to stimulate the automotive and associated industries’ awareness of changing trends and the need for new anti-theft strategies for the next-generation vehicles. Reference SBD/SEC/2196 High Tech Theft Series Vehicle manufacturers and suppliers are under constant pressure to develop security systems that provide an effective response to the rise in the use of sophisticated theft tools. So how can you keep one step ahead of thieves? To help you understand what thieves are doing, what they are targeting and what high-tech tools they are using, SBD have brought together three of our acclaimed vehicle theft reports. Gain a comprehensive insight into the future with this Vehicle Theft Threats Package .