Current cars, and the cars coming in a few years, are simply not at all like the cars of just a couple years ago. These newfangled cars for young whippersnappers are like rolling computer networks, with various embedded computers and software services all talking to each other. It’s even common today for cars to have 3G Wireless data capability to support remote management app’s.
All this is cool for the car owner. They get to use smartphone app’s to remotely control electric car charging, or climate control settings. For example on a cold winter morning you can remotely fire up the cabin heater just before leaving the house so you don’t have the inconvenience of a cold car. We call this a First World Problem, but it is a nice creature comfort.
The on-board computers are, or will be, doing these services:
- Infotainment systems and dashboard: These systems are getting fancier, and the car makers are beginning to allow developers to make Apps for Cars
- Remote monitoring and control: The car makers can, and are, remotely monitoring cars to provide driver assistance features, or even remotely detecting when cars get into collision. Also, smartphone app’s can be used by the car owner to remotely monitor and control their car.
- Automated driver assist: Car makers are trying to increase driving safety with gizmos that automagically detect danger conditions, and automagically make the car do things … or, there’s also the automated parking assist, alleviating us of the drudgery of parallel parking.
- Full blown automated driving: In a few years self-driving cars will be commonplace, letting us take a nap while “driving” to work, etc.
Many of those features mean the car maintains data connections over a network to services run by the car maker. Hence, cars are capable of receiving and responding to inbound data requests. Hence, cars theoretically could be cracked by the nefarious people of the world.
Will we be needing antivirus software for our cars? That’s the question raised by this capability.
Have the car manufacturers fully tested the security of the on-board car software? Software security testing is never finished.
For example, Java-in-the-browser was recently proved to be so insecure that a major worldwide alert went out to completely disable Java support in the browser. As it so happens, I used to work as a software quality architect in the Java SE Quality Engineering team at Sun. Some of my teammates were THE people testing Java SE’s security vulnerabilities. I can guarantee you the team extensively tested Java SE every which way. But that didn’t prevent those horrendous security holes.
In other words, the car manufacturers will have done loads of security testing – but there will still be security holes.
What’s the risk?
The actual risk does depend on the architecture of these on-board systems. But we can think of several sorts of scary scenarios.
Big Brother The same government agencies that are gathering cell phone data, internet data, etc, won’t those agencies want to know our every move? How soon before the car companies receive demands for location data feeds? Internet service providers have been receiving similar government demands for years, and thanks to the post-9/11 security paranoia state we live in the laws require that companies comply with such requests etc. Maybe the car companies are already receiving such demands?
Carjacking What if the vulnerabilities included remote control of speed or direction or braking? Maybe a carjacker could hack into the car while you’re driving, force it to stop, at which point they pull out their guns and force you to hand over your car.
Government shutdown of traffic What if there’s a major confab of world government leaders, and the host government wants to ensure “protesters” don’t get anywhere near the conference? What if Police are chasing someone? Or emergency vehicles trying to get through traffic for emergency response? There’s a number of legitimate or not-so-legitimate reasons for government agencies to want to turn off all car traffic in a given area.
We already know that Tesla Motors can read, in real time, data about speed, location, driving habits, which radio station you’re listening to, climate control settings, and more. How do we know this? In the winter of 2013, an NY Times reporter published a hit piece on the Tesla Model S. Part of how Tesla demolished his claims was to publish a detailed data log of his activities captured from the car. It sure shut up the debate over the supposed inability of the Model S to perform well in Winter. But it also showed just how much data that Tesla can capture.
Recent revelations of NSA wiretapping and data collection show that the government is intensely interested in scooping up lots of data about everyone. Those of us who know about the Total Information Awareness system are not surprised. What surprised us was the extent of the data collection activities. That and the willingness of the NSA to simply crack into corporate networks to gather data the NSA doesn’t necessarily have legal reason to access.
The Tesla Model S has an onboard LAN running TCP/IP protocols, with several Linux/Unix-like computers running typical Unixy protocols – OpenVPN, SSH, DNS, HTTP, X11, etc. Yes, X11, it seems likely both the dashboard and center console are X11 displays. There’s even an open ethernet port that anybody can access. (see Cursory Evaluation of the Tesla Model S: We Can’t Protect Our Cars Like We Protect Our Workstations)
It’s safe to assume this will become commonplace over time. Embeddable Linux systems are becoming very cheap and I’m expecting there’s a whole market of automotive grade embeddable Linux widgets that automakers use as the building blocks of modern computerized cars.
Car buyers are accustomed to loading Apps into cellphones. They will be, or already are, going to assume they can do the same with that fancy schmancy infotainment system in the car dashboard. The car manufacturers will be, or already are, under pressure to do so.
But will doing so be safe, or will it leave the car vulnerable to hackers? And if cars have security vulnerabilities, what sort of things will the nefarious people do with them?
Before full fledged smartphones came along, the cellphone carriers were worried that Apps for Phones would mean nefarious cellphone apps could crash the cellphone networks. The carriers are, after all, ultimately responsible for network reliability, and they rightly have to protect the network. As a result, smartphones are designed with multiple security layers to mitigate the risk of nefarious cellphone apps.
Similar security models are needed in cars. An obvious thing is to limit the capabilities of software running in the infotainment system. Even if nefarious software gets onto that screen, it shouldn’t be able to do things like control car speed and braking. Those functions should be walled off from the infotainment software.
- Highway design could decrease death and injury risk, if “we” chose smarter designs - March 28, 2015
- GM really did trademark “range anxiety”, only later to abandon that mark - March 25, 2015
- US Government releases new regulations on hydraulic fracturing, that some call “toothless” - March 20, 2015
- Tesla Motors magic pill to solve range anxiety doesn’t quite instill range confidence - March 19, 2015
- Update on Galena IL oil train – 21 cars involved, which were the supposedly safer CP1232 design - March 7, 2015
- Another oil bomb train – why are they shipping crude oil by train? – Symptoms of fossil fuel addiction - March 6, 2015
- Chevron relinquishes fracking in Romania, as part of broader pull-out from Eastern European fracking operations - February 22, 2015
- Answer anti- electric car articles with truth and pride – truth outshines all distortions - February 19, 2015
- Apple taking big risk on developing a car? Please, Apple, don’t go there! - February 16, 2015
- Toyota, Nissan, Honda working on Japanese fuel cell infrastructure for Japanese government - February 12, 2015