US Wants Cybersecurity Protection Plan For Cars 87
coondoggie writes "As cars and other forms of transportation increasingly rely on online systems for everything from safety to onboard entertainment, the cybersecurity threat from those who would exploit such electronic control packages has also increased. That's why the US Department of Transportation (DOT) today issued a Request For Information to the security industry to help it build a roadmap to build 'motor vehicle safeguards against cybersecurity threats and assure the reliability and safety of automotive electronic control systems.'"
Re:Why so much integration? (Score:4, Informative)
Yeah, but that's actually kind of my point in my original message.... These systems should be INDEPENDENT of the ECU in most cases. Vehicle remotes for starting the engine, opening the trunk, etc. don't worry me as a huge problem. I can't really see why they require any direct communications with the ECU (though they probably do simply for cost-savings reasons in many cases)? But really, those things are fairly basic; System listens for command and does ONE specific function of turning a switch on/off. If you succeed in hacking into it, what does that get you? Remote starts should be essentially disabled/non-functional while the engine is actually running and the car is in gear, so you shouldn't be able to just shut the engine off while someone's driving. Being able to open their locks means you can physically get into the vehicle while it's not moving -- but that's just a security issue, no different than being able to make a skeleton key that opens the doors/trunk.
Things like On-Star? Yeah, much more of a potential issue since they do implement "kill switches" that can be triggered remotely. So far though, I've never heard of one being mis-used -- only positive stories of killing engines to recover stolen vehicles. So I'm not sure exactly how much or little security they already use in that particular system? (Hyundai is coming out with "Blue Link" on some of their vehicles, which implements something similar.)
Re:Don't connect them to the internet and use ROM (Score:4, Informative)
Just because your code is in ROM doesn't mean you can't be hacked. Your stack is still in RAM. If you can find one little exploit that lets you put as little as, say, 12 bytes onto the stack, if you know everything that's in the ROM, you could repurpose the existing ROM code to do whatever you wanted [grc.com] by calling the tail ends of existing functions.
On that link, search forward for "Because they knew this was a voting machine, security was paramount. They made it so that it was impossible to execute code from RAM. They thought, there's no way, there's no reason that anyone has a legitimate reason for executing code from RAM" and read from there. Yes, it's long. Get the MP3 if you'd rather listen.