With the growing popularity of Internet-connected features in cars, they become attractive targets for remote hacking. While as far as I know no malicious hacking has been reported, there have been multiple demonstrations of serious software vulnerabilities and breaches of vehicles software. A recent Wired magazine article was particularly damming. With Wired support, experienced “white hat” car hackers Charlie Miller and Chris Valasek managed to gain access to a brand new Jeep Cherokee and control several functions, including dashboard display, steering and braking.
Previous demonstrations of vehicle software vulnerabilities were accomplished via a direct physical connection to the car’s OBD-II port, and typically didn’t get much more than a polite public head nod from the manufacturer. Toyota responded to a Prius hack by posting the following: “It is important to note that a recently publicizes demonstration required a physical presence inside the vehicles, partial disassembly of the instrument panel and a hard-wired connection.”
This time, the breach was accomplished wirelessly using the Jeep’s IP address. Miller and Valasek hacked the Jeep’s Uconnect infotainment system software to allow them backdoor access to the entire CAN bus of the car.
The Fiat-Chrysler Automotive Group (FCA), already under the gun because of lax handling of previous recalls, is taking this one seriously. Chrysler is providing a software update for 1.4 million “certain vehicles equipped with 8.4-inch touchscreens”, including Dodge Vipers, Rams, Jeep Grand Cherokee and Cherokee (the model that was hacked), Durangos, Chryslers and Challengers manufactured between 2013 and 2015.
No Need to Panic Just Yet
Hacking car software is still a seriously challenging task. The Jeep hack involved a significant reverse-engineering effort and modification of the Uconnect firmware to gain access to the car’s CAN bus. Remotely accessing a car requires knowledge of the vehicle’s IP address as well its specific ECU software configuration, which varies dramatically from model to model, so the likelihood of your car being attacked while traveling on the highway are still minuscule, and headlines such as “Hackers Have the Power to Remotely Hijack Half a Million Chrysler Cars” are not accurate nor very helpful. Still, the requisite hacking skills and tools are beginning to spread, and the more publicity the topic gets, the more people become interested in vehicle software security, and not necessarily for the right reasons.
Software Complexity on the Rise
Connected car and infotainment system features are at the forefront of the battle on consumers’ attention and market share, driving the development of increasingly complex software-driven functionality and addressing complicated technical and behavioral issues stemming from the intersection of car features, smartphones and safety-critical systems. OEMs are also introducing an array of sophisticated active safety features such as active cruise control and lane departure warning, advancing on the path towards semi- and fully autonomous vehicles.
While recent hacks might be considered a demonstration rather than an imminent danger, it is yet another example of the consequences of automakers rushing to offer wireless connectivity and designing vehicle software haphazardly.
OEMs have a very long tradition of working closely with only a handful of key suppliers and keeping design information secretive. In the past, this strategy might have been productive, but it caused automakers to lag behind the rest of software industry. Automakers are experiencing schedule and budget overruns, poor quality, lukewarm consumer acceptance, security holes, and a rapidly growing number of software related recalls. [link to a doc w/ sw recalls?]
The recently disclosed use of vulnerable encryption mechanism in Volkswagen’s key fobs (and, reportedly, the attempt to hide it) is but one example of an insular, not-invented-here engineering culture using outdated methods.
As software assumes greater functional role and becomes more complex, quality problem and security vulnerabilities will rise sharply. As this trend continues, will we start seeing programming errors gradually replacing driver errors [link] as the main cause of car crashes?
Automakers Must Mature Software Engineering Practices
Automakers should change the way they think about cyber security design and about software development in general.
First, the industry has to be more open to outside innovation and adopt methods and best practices honed by software-intensive high tech industries. Indeed, OEMs are in the process of stablishing global research centers in Silicon Valley and elsewhere.
OEMs should employ proven industry technologies and methods, including recruiting of “white hat” hackers to help identify and close security gaps in a controlled manner. For instance, Tesla’s cash for bugs offer netted 20 bugs in the company’s website (no report if there will be a similar program for Tesla cars software.)
A significant element of this strategy must be the extensive use of reusable tested software modules instead of building most everything from the ground up slowly and expensively.
Finally, automakers should adopt an agile process to respond to the inevitable software glitches, keep pace with hackers, and to delivered new functionality more economically. Some OEMs have the ability to deliver software patches “over the air” (OTA) directly to the car. Unfortunate for FCA, Chrysler’s UConnect does not have remote update functionality and customers will be getting the security update on a USB drive. On the other hand, Tesla, whose name has become synonymous with OTA, apparently used over the air update to fix hacking weakness in its own software.
On a closing note, we should remember that connected cars are just one of a growing number of connected “things” in our increasingly expanding connected world. Securing the Internet of Things and ensuring data privacy are critical foundational elements of the IoT. Manufacturer must incorporate countermeasures in the design of connected devices, sensors and services. It cannot be an afterthought.
(Photo: 2015 JEEP COMPASS UCONNECT 430N/RHB. Source http://www.driveuconnect.com/)