Forgot your password?
typodupeerror
Security Transportation Technology

US Wants Cybersecurity Protection Plan For Cars 87

Posted by samzenpus
from the gentlemen-start-your-anti-virus dept.
coondoggie writes "As cars and other forms of transportation increasingly rely on online systems for everything from safety to onboard entertainment, the cybersecurity threat from those who would exploit such electronic control packages has also increased. That's why the US Department of Transportation (DOT) today issued a Request For Information to the security industry to help it build a roadmap to build 'motor vehicle safeguards against cybersecurity threats and assure the reliability and safety of automotive electronic control systems.'"
This discussion has been archived. No new comments can be posted.

US Wants Cybersecurity Protection Plan For Cars

Comments Filter:
  • kill switch (Score:5, Insightful)

    by dotmax (642602) on Wednesday August 03, 2011 @03:21PM (#36976604)
    How come the first thing that came to mind was "they want to put a kill switch in my car?" They won't call it that, of course.
    • by blair1q (305137) on Wednesday August 03, 2011 @03:39PM (#36976812) Journal

      No, they'll put in multiple switches and call it a Death Panel.

    • When I used to own a car, I had a mechanical kills switch installed anyway. It is a good idea. It meant I could leave the doors unlocked which in turn meant that no one tried to smash my windows to get in. I think they will try something more expensive and failure prone than that though. Since when do national governments ever go with the simple, cheap, effective option?
      • How about "Don't connect the vehicle electronics to any internet connection" for starters. Even if it costs an extra $0.05 over sharing a few transistors.

        Of course, if they can't do it for nuclear power stations, why bother with cars?

    • by EdIII (1114411)

      You mean it will be no different than any other "security initiative". Meaning, that of course they want it to be as hack "proof" as possible, but allow law enforcement to have access at will.

      I don't care how much you polish up that turd, how much lipstick on the pig, etc., you will never convince me that access by law enforcement cannot be misused and commandeered by either military forces in time of war, or criminals in search of profit.

      The only security initiative worth discussing that is actually valua

      • by ewanm89 (1052822)
        Considering it only takes one bent copper or dodgy judge (if warrant is needed) to misuse any law enforcement access. I'd say there is misuse of every access right they have at sometime or another. That's all assuming it's not a country where the whole establishment isn't fascist in it's policies and procedures.
  • dont include networking in automobile computer systems at all, just enough to run the car things like air/fuel mixture (the basics) you cant hack what does not exist..
    • by Grishnakh (216268)

      You don't need to go that far. Networking can be very useful in a car, for the navigation/entertainment/communcation system. Why have a nav system where you have to buy updates on DVD for $300 every year, instead of just downloading them for free whenever you're connected to a WiFi hotspot?

      The key is separation. The nav/comm computer does NOT need to be connected to the engine computer. The engine computer should be a separate system running a small RTOS, and dedicated solely to the engine management (a

      • Why have a nav system where you have to buy updates on DVD for $300 every year, instead of just downloading them for free whenever you're connected to a WiFi hotspot?

        I can assure you my city (>1 million people) doesn't change THAT often.

        • by Grishnakh (216268)

          No, but the whole country (assuming USA) does. New roads get built all the time. Who wants to be out-of-date with their nav system?
          There's plenty of other applications for network connectivity, both now and in the future: downloading music or movies, videoconferencing, etc. Who knows, as we've only started putting these kinds of systems in cars.

          My point is that it's not that hard to separate a networked computer from the system(s) that handles safety-critical functions.

          • by EdIII (1114411)

            Also, it is worth pointing out that is just complete utter fucking bullshit.

            $300 for a DVD?

            Considering how much they were paid, it is not beyond reason to receive free DVD updates in the mail. If you paid $3000 to get the NAV system in the first place, I am pretty sure that about $50 bucks of that will easily cover replacements for the life time of the vehicle.

            Charging you is just another way for them to gouge money out of you. It's also a strong incentive to pirate the crap out of it or install a system t

            • by Grishnakh (216268)

              I wasn't kidding about the $300 DVD. That's exactly the way Volvo's factory navigation systems work: the systems themselves are 5+ years behind the state-of-the-art seen in typical handheld systems from Garmin or TomTom as far as the navigation, graphics, UI, etc. On top of that, to support updates, there's a big-ass DVD drive in the glove box, taking up most of the glove box, just for the update discs. The updates cost $300 from the dealer.

              This isn't unusual in the industry. Other cars I've seen are si

              • by cvtan (752695)
                Older customers who would typical buy an "old geezer" car like a Lexus would still play CDs. I agree about the built-in nav systems. Purposely didn't get one for my 2005 MINI because it dominates the center of the dash, costs $1500 and would be obsolete way before I wanted to sell the car. Cars and computer stuff do not age at the same rate I'm afraid.
      • by EdIII (1114411)

        What happens when it is 9 billion degrees outside and I want my shiny iPhone BMW application to turn on my car and start the air conditioning?

        Having the engine and drive systems completely separate is a great idea, but one that fundamentally precludes features that will actually sell the technology.

        Unless you create an A/C system that can work independently from the car itself, you still have the same problem.

        • by Grishnakh (216268)

          Define "completely separate". You can already remotely start cars just by pressing a button on a remote control, and that doesn't involve interfacing computers at all, it's just one small computer (which handles the radio control) activates a relay to start the ignition. This isn't rocket science. Adding a relay module to an "infotainment" system so you can start the car from your iPhone would be exactly the same. It wouldn't be hard to eliminate the relay and have a more direct connection too, just by

          • by EdIII (1114411)

            You missed half my point.

            Security is maintained if you turn the car on... but what about malicious activity?

            Can you imagine a prankster turning on a big lot of cars at the same time? Run for a couple of hours and it will be quite a bit of gas wasted.

            So completely separate to me means that there is no way to manipulate the engine and drive control systems, either to turn it on, kill the engine, alter programming, change destination, etc.

            I was also considering malicious activity, including kill switches.

            If y

    • by bws111 (1216812)

      Because people like having remote door lock/unlock, remote engine start, tire pressure monitoring, push button start (instead of a key). All that requires some kind of wireless networking. And almost everything inside the car is on some kind of network (CAN bus). All those buttons on the steering wheel (cruise control, radio controls, etc) are just devices on a network. Door locks and window motors are devices on a network. Same with climate controls, entertainment system, etc.

    • Exactly. The car's driving systems should be airgapped. Simple. End of problem (that didn't exist).

    • by Svartalf (2997)

      Just simply don't do OnStar type idiocies.

      It's not hard... Don't do anything that's easily remote hackable on the car, whether it's ignition control, door locks (Key fobs are a nifty idea, but are they as secure as they could be?), or the like.

  • by blueAt0m (2393244)
    Call me a tinfoil'd mad hatter, but com'on. This is atrocious! one more thing for the gov to get their meddling hands into... I'm buying engines from now on; old, lackluster diesel autos without the obd* inside.
    • by subk (551165)
      Agreed, although they don't have to be lackluster.. I drive an 89 benz 300. I enjoy luxury and elegance along with the dependability and freedom from pesky electronics. I'm pretty sure the thing will survive an EMP.
  • Better Idea (Score:5, Insightful)

    by milbournosphere (1273186) on Wednesday August 03, 2011 @03:26PM (#36976666)
    Let's stop cramming all this electronic shit into our cars. The wireless capabilities of the newer cars these days is really starting to get scary. The tech is awesome, but the potential for wrong-doing (government, vandals, or otherwise) is just too great. Only so much of the new stuff they're coming out with is actually useful; the rest of it is just junk meant to distract from the actual act of driving, or to add to the billfold of whoever builds the replacements for these in-car computers.
    • by King_TJ (85913) on Wednesday August 03, 2011 @03:58PM (#36977068) Journal

      It seems to me there's really no inherent danger in adding wireless networking and other new electronics technologies to our vehicles. A big part of the potential problem stems from the insistence of auto-makers to integrate everything into ONE common system. For example, my 2007 Jeep Patriot 4x4 uses a CANBUS interface as the central communications bus for practically all of the electronics in the vehicle. If you try to swap out something like the factory headlights with an aftermarket set of HID lamps? You're likely to run into problems, because the system senses less electrical resistance on the headlight circuit than it expects, so it makes lights blink on and off in an "error" pattern. You can't successfully change out the factory stereo with an aftermarket one either, without spending $150+ more for a CANBUS module to plug in behind it, so the computer system communicates with it as it expects to see it. Other factory accessories won't work properly either, until the Jeep is taken in to the dealer and the firmware re-flashed with a version that has those features "enabled" in it.

      If things like wi-fi in the car are only interfaced with the stereo/media center, and that system is independent of the computer handling the engine, transmission, etc.? Hackers won't be able to do a single thing that directly affects the safety or performance of the vehicle. They'll only be able to mess up your in-dash entertainment system.

      • by MachDelta (704883)

        Except you already have wireless gear that's hooked straight to your ECU. Things like TPMS (anyone remember this little gem [networkworld.com] from last year?), vehicle remotes (start/doors/windows/trunk/etc), OnStar-style services, and the like are all things we know can communicate directly with the ECU. And automakers aren't likely to start trying to secure or separate these systems further because it will affect their bottom line. No, we're stuck waiting for the day that someones Pontiac becomes a Pwntiac and slams them i

        • by King_TJ (85913) on Wednesday August 03, 2011 @04:24PM (#36977470) Journal

          Yeah, but that's actually kind of my point in my original message.... These systems should be INDEPENDENT of the ECU in most cases. Vehicle remotes for starting the engine, opening the trunk, etc. don't worry me as a huge problem. I can't really see why they require any direct communications with the ECU (though they probably do simply for cost-savings reasons in many cases)? But really, those things are fairly basic; System listens for command and does ONE specific function of turning a switch on/off. If you succeed in hacking into it, what does that get you? Remote starts should be essentially disabled/non-functional while the engine is actually running and the car is in gear, so you shouldn't be able to just shut the engine off while someone's driving. Being able to open their locks means you can physically get into the vehicle while it's not moving -- but that's just a security issue, no different than being able to make a skeleton key that opens the doors/trunk.

          Things like On-Star? Yeah, much more of a potential issue since they do implement "kill switches" that can be triggered remotely. So far though, I've never heard of one being mis-used -- only positive stories of killing engines to recover stolen vehicles. So I'm not sure exactly how much or little security they already use in that particular system? (Hyundai is coming out with "Blue Link" on some of their vehicles, which implements something similar.)

          • by mr1911 (1942298)

            Things like On-Star? Yeah, much more of a potential issue since they do implement "kill switches" that can be triggered remotely. So far though, I've never heard of one being mis-used -- only positive stories of killing engines to recover stolen vehicles.

            Maybe that has something to do with On-Star's marcom group not putting out press releases when they mis-use a "feature". I will never own a vehicle that has On-Star in it.

          • by Svartalf (2997)

            So long as they've got a means to look up your car and do these sorts of things, OnStar can be hacked into and the black hats can do the same things that we're talking about being mis-used.

        • I'm pretty sure your Pontiac [wikipedia.org] will be safe.
      • by Fned (43219)

        Yeesh, sounds like they should rename it to CANTBUS.

      • For many years I've been planning to build my own car, recently the possibility of 3D-printing the body panels in ABS has really spurred my enthusiasm (forming the body panels from fiberglass is traditionally the most awful PITA part of the process).

        I've backed off the plan a bit recently because I'm waiting to see if the Scion FR-S will be any good, if it's not, well I'll feel good about building my own.

  • I demand that our government immediately convene a blue-ribbon commission to survey and understand the cyber-security of Owls. It is long-past time for our government to recognize this clear and present attack vector. Imagine the carnage: Terrorists take control of owls and deafen us with incessant daytime hooting. Or disrupt our sleep with all-night hooting. Or just crap all over our cars and cost us millions in extra car-washes.

    • I have an owl rock that has protected me from owls for more than 12 years now.

      Actually, I have a spare owl rock that I will sell you for $500 if you are interested.
    • by HTH NE1 (675604) on Wednesday August 03, 2011 @05:00PM (#36978060)

      Just because your code is in ROM doesn't mean you can't be hacked. Your stack is still in RAM. If you can find one little exploit that lets you put as little as, say, 12 bytes onto the stack, if you know everything that's in the ROM, you could repurpose the existing ROM code to do whatever you wanted [grc.com] by calling the tail ends of existing functions.

      On that link, search forward for "Because they knew this was a voting machine, security was paramount. They made it so that it was impossible to execute code from RAM. They thought, there's no way, there's no reason that anyone has a legitimate reason for executing code from RAM" and read from there. Yes, it's long. Get the MP3 if you'd rather listen.

  • Brings to mind Roger Zelazny's "Last of the Wild Ones" [readr.ru].
  • Somehow I'm guessing that somebody at the DOT just discovered the "new" Battlestar Galactica is on "play instantly" on Netflix...
  • its bound to be as equally effective to protect your dumbass web cars

  • by cosm (1072588) <thecosm3@gmail. c o m> on Wednesday August 03, 2011 @03:49PM (#36976946)
    If I cyber-see the cyber word in one more cyber-news article I am going to cyber-kick the people who cyber-pen each one of these fucking cyber-articles and cyber-laws. Its about damn cyber-time that we accept that cyber-things that happen in the cyber-world are no more disconnected from cyber-reality than the communication medium we cyber-interact with.

    I am electronically typing this on my electronic keyboard and viewing this cyber-page with my electronic monitor. Thankfully, after a real-day of complete cyber-bullshit, I relax with my dead-tree-books on my physical-leather couch in my real-house in the real-world.

    The real cyber-question is whether or not this cyber-rant is virtual pontification or just more cyber chat. I'll get on my AOL and go AskJeeves it and see if I can find a GeoCities page that describes proper usage of 90's buzzwords that are used way to cyber-much.
  • There's really no sense in worrying about anything in a car that's not responsible for the actual driving of the car. If the computers that control engine timing, or braking, or airbag deployment get hacked, that's a problem. If the entertainment system gets hacked, and somebody maliciously transfers some Michael Bolton mp3s to your sound system, it's much less of a problem. You simply need to isolate the systems. Cars already have multiple internal computers, so it's not like this requires splitting on

    • Drive by Rickroll in 5..4..3..2..1

      Microsoft Sync = LOLs
    • > there's no reason for that to ever be even technically feasible.

      Google "OnStar remote kill switch"

    • > There's really no sense in worrying about anything in a
      > car that's not responsible for the actual driving of the car.

      We worry about our desktop PCs, laptops, smartphones - why should we worry less when the computer's embedded in the car?

  • Here is a start: (Score:5, Insightful)

    by MSesow (1256108) on Wednesday August 03, 2011 @03:55PM (#36977026)
    As with so many other systems, when it doesn't need to be connected to a network to do what it does and when connecting it to said network opens up the chance for attacks over the network, THEN LEAVE IT OF THE FSCKING NETWORK! Regardless of if it is airplane systems, nuclear centerfuges, general industrial control systems, medical equipment, cars or whatever else, if you leave it completely unconnected from a network then you have removed a very real vector of attack. And that doesn't mean you have to stop paying attention, but it does mean you are off to a good start.
    • Agreed. My first thought was that carmakers just need to leave the sensitive/important control elements of a car decoupled from those which are network-enabled. I believe that airliners are designed similarly in that their in-flight entertainment systems are always 100% not connected to flight systems (regardless of whether or not the entertainment systems are Internet-connected, there's definitely a parallel to be made here).
      • My first thought was that carmakers just need to leave the sensitive/important control elements of a car decoupled from those which are network-enabled. I believe that airliners are designed similarly

        And you would think that car manufacturers would feel the same way. However, car manufacturers produce more cars than airplane manufacturers produce airplanes. And saving, say, $10 per car by having one network that handles everything is a good thing. Besides, it makes it easier to do things like starting your car from your iPhone which is cool.

    • by Fastolfe (1470)

      Agreed. I have no problems if you want to put any sort of electronic or wireless system in my car, but it needs to be completely electrically isolated from the parts of my car that I need to drive. Assume that an attacker will pwn everything else, and can go so far as to manipulate power draw or create an electrical short. None of that should affect my ability to drive. If you want to send information like speed to the other systems, create a one way data path and use an optical connection.

  • Keep driving the old clunker

  • The ability to track, monitor, bug & ultimately seize control of any passenger car in the "land of the free"!

    Glad I drive a 66 Bel Air wagon, go ahead, make my day!

  • ...this is not a way to get a government black box in all cars at all. Nothing to see here folks.

    • ...this is not a way to get a government black box in all cars at all. Nothing to see here folks.

      No, it's not. The government black box is, for all intents and purposes, already in the car. This is to get systems set up so that the government can log in and download info from the black box whenever they want.

  • Spend your time on actual roads and rail lines. We can manage the cars and our loss of them just fine.
  • by istartedi (132515) on Wednesday August 03, 2011 @05:27PM (#36978430) Journal

    There is a model-T that still runs in my area. I've seen the guy a few times in the grocery store parking lot, and cruising about the retail district. I'm pretty sure cybersecurity is not a problem for him.

    In other words, the solution is: Duh! Cars don't need to be on any stinkin' network.

    • by xenobyte (446878)

      There is a model-T that still runs in my area. I've seen the guy a few times in the grocery store parking lot, and cruising about the retail district. I'm pretty sure cybersecurity is not a problem for him.

      In other words, the solution is: Duh! Cars don't need to be on any stinkin' network.

      Exactly what I was going to say!

      Until we have cars that can fully auto-drive without any driver intervention, all that electronic junk is basically unnecessary and if it poses a problem, junk it.

      Cars ran fine back in the day (no need to go that far back, the 50's and 60's had great cars too with zero electronic junk in them) and there's no reason they can't do that again. Maybe on a different fuel but still just a basic combustion engine that Ford himself would be able to fix, should it break down.

  • The smart / auto drive cars will need a very good plan as a hack then just hack them and trun a auto drive road in to a big pile up or cars or maybe just shut down the road system.

  • Each time this rubric gets spouted, it's a sham trying to hide another attempt to control the public.

    So while they're "protecting you from cyber criminals" they'll also be monitoring your driving, your destinations, etc. All the better to protect us from "terrerists or child molesters.

    It's just accidental, you know - to verify you're not being hacked they'd need to know what you're doing, right? And you'll buy in and feel so much safer - until the insurance companies start subpoenaing this evidence and the

I am not now, nor have I ever been, a member of the demigodic party. -- Dennis Ritchie

Working...