Automotive Security in Broad Strokes
Along with most of our devices, cars have also become “smarter” and more connected. With this, like with any other device that introduces more functionality, there is a potential to exploit these functions.
Hacking automotive devices can be a very alienating experience compared to other devices. For example, while an internet-connected fire alarm might seem radically different in design to an internet-connected lightbulb, they function very similarly in terms of the underlying technology that makes them connected. Indeed, the aforementioned IoT devices are likely to use the MQTT protocol likely on top of TCP/IP; a design which is likely to be familiar to many. One way which makes automotive security radically different is the issue of communication. Indeed, many of the protocols that are commonly used in the automotive industry such as Controller Area Network (CAN) and Local Interconnect Network (LIN). However, more widely used protocols are also used in vehicles such as I2C and SPI. A common theme between all these technologies is that they are fairly low level with efficiency as an aim, and as will be demonstrated, also have to be interfaced with on a low level. Hence, a particular (and to many a novel) set of skills are required to efficiently assess these automotive systems.
Previous security issues
At the time where cars were not connected to the internet (or any other wireless protocol for that matter), one could safely assume that the on-board electronics in the car were relatively safe. That is unless a proper attempt at getting access to the internals of the car (such as the ECU) (Wenzel, 2017). These systems can be in today’s standards often be regarded as very rudimentary, with some of their only functions being limited to automobile emissions and to calculate optimal fuel usage. One may say that the danger of having an exploited automotive system was not likely at this point bin time, a far greater number of things could be done through other means, such as manually disabling the brakes.
With the advent of wirelessly connected automotive systems, however, physical access is not necessarily required to exploit said systems.
Current security issues
Wireless connectivity
There are examples of vehicles being exploited in recent years.
In July of 2015, the car “Jeep Cherokee” was remotely hacked by Charlie Miller and Chris Valasek by wirelessly accessing its entertainment system. This allowed them to send commands to the car’s internal instruments that controlled the brakes, transmission, steering wheel as well as various dashboard functions. According to the aforementioned researchers, the vehicle in question behaved more like akin to a smartphone than one would expect a car to behave. As such, it was wide open to be exploited much like a modern smartphone. In the scenario of the aforementioned car, it was also possible to connect the exploited device to the internet as it the car connected with the driver’s mobile network shared through their smartphone’s Wi-Fi hotspot (Pagliery, 2015). Similarly, researchers at the University of California, San Diego, demonstrated the feasibility of exploiting a vehicle by the manufacturer Chrystler by using a gadget commonly utilised by insurance firms to monitor the lessee’s speed and location. Through creating malicious SMS messages to this gadget, commands were sent to the CAN bus of the can which subsequently could toggle functions such as brakes or windscreen wipers(Pagliery, 2015).
Tesla’s Model X experienced a vulnerability during the summer of 2017. This vulnerability enabled researchers to remotely take control over the brakes of the Model X whilst also opening the trunk, doors as well as changing settings on the infotainment system of the vehicle. Tesla responded to this vulnerability with a security update (Cimpanu, 2017).
As demonstrated by these examples, we can see that wireless connectivity is a common theme where vulnerabilities happen. With that in mind, as well as considering that this development does not seem to stagnate, investing in wireless security is paramount. In addition, as will be discussed, self-driving vehicles are expected to become more common. In this future scenario, one may expect that wireless automotive security is the most important issue to investigate.
One proposed technology to be applied to the car of tomorrow is vehicular ad-hoc networks (VANETs). These networks, first mentioned in 2001 (Toh, 2001), are supposed to function as small spontaneous networks that connect vehicles with other vehicles, but also roadside communication. While not technically formalised internationally (regional differences apply), in the EU the com- munication technology uses the frequency range 5 875 - 5 905 MHz per the European Commission Decision 2008/671/EC (Series, 2012). Standards like these are important as it focuses the collective research effort towards one single technology.
Research in the field of VANETs is well underway, however, and current research is especially invested in the Sybil attack (Kumar, Chauhan, Kumar, Chand, & Khan, 2020). The Sybil attack is the act of subverting a reputation system in a network by creating a plethora of fake identities. In other words, it undermines the authority of the system, potentially even take control of it. A very similar attack has happened to other areas of emerging technologies, namely the 51 per cent attack against blockchain systems (Bastiaan, 2015) which more or less achieves the same end result: depreciating value of the network as a decentralised authority.
Modern vehicles usually have some form of keyless entry, usually by a remote control which also acts as a key to start the engine. (Bacchus, Coronado, & Gutierrez, 2017). These types of keys have been a focus point of researchers when trying to exploit consumer vehichles.
Mobile software integration
Having vehicles wirelessly connect to our mobile devices introduces an entirely novel attack surface. Some newer cars, for example, Tesla’s cars, have its own dedicated mobile applications so that remote commands and settings might be issued by the user wirelessly (Tesla, 2020). With its rise in popularity, mobile devices have received increased attention from malicious actors (Tam, Feizollah, Anuar, Salleh, & Cavallaro, 2017) and with it the greater likelihood that it is the attack surface of choice for many. Therefore, it is vital that attention is directed towards not only the fact that a vehicle connects wirelessly but to what it connects to.
One may imagine the scenario where the application for remotely accessing one’s Tesla’s configuration has been reverse-engineered and malicious code has been deployed unto a victim’s device. The malicious code can in this case theoretically traverse the connection between the mobile application and become persistent also within the vehicle itself. Hence, one now has two devices that are compromised, but one device with far more likelihood of causing fatalities, id est the automobile.
Forensic value
The potential for gathering evidence from “smart cars” are tremendous. It is estimated that an average “smart car” usually generates approximately 25GB of data per hour (O’Neill, 2017) which of course gives digital forensics investigators and researchers alike a lot of data. Indeed, this data is not limited by GPS data, but also data collected from the car’s sensors, its infotainment system and its connectivity with a smartphone. It is not difficult to imagine that this data is far more complete and diverse than what could be recovered from earlier vehicles’ black boxes (Larson, 2018). Important to note is that this data is generated regardless of which person is looking at it, be it an investigator or malicious actor. Therefore, with that in mind, this humongous source of data must be protected to the utmost degree.
There are commercial efforts towards automotive forensics, one of them being Berla (Berla, 2020). While the price of Berla’s forensic solution kit is not public, one may expect that it falls in line with the general “professional pricing” of forensic software aimed at other devices. In general, Berla is very secretive about what the software actually is able to do and how much data its solution can actually provide (O’Neill, 2017). Hence, these tools are not very accessible to the public, something that will be discussed.
In a very similar theme as with specific tools for phones with specific operative systems, “smart cars” also have their fair share of custom made software solutions and procedures to tackle the forensic aspects of a vehicle. An example of this is the recent research done into the low-level data recovery from Volkswagen cars and their entertainment systems (Jacobs, Choo, Kechadi, & Le-Khac, 2017).From this research, it is clear how much dedicated effort towards one particular system is needed togather data. Hence, more universal solutions to the growing number and diversification of “smart cars” is needed. Researchers insist that learning from the past forensic analysis is vital when it comes to forensic preparedness are an essential part when venturing into the unknown lands of futuristic solutions such as “smart vehicles” in a “smart city” (Baig et al., 2017).
Towards secure roads
One undeniable fact is that the rate automation of our automotive vehicles is not slowing down. There is a lot of both capital and research invested into a future where humans are not the one turning the steering wheels and where cars are merely an interconnected mesh-like network that conveniently coincides with an equally probable (if not required) prediction of “smart cities”.
There is no doubt that self-driving cars are not already comparable to humans at driving, but in many respects, they are indeed better (Teoh & Kidd, 2017). This implication puts those against self-driving cars (likely for valid and various reasons) in a very particular ethical dilemma: is the overall safety of the population more important than things like personal freedom to drive one’s own car; to be responsible for one’s own actions? Another dilemma is either the centralisation or decentralisation of trust that is inherently an issue with large networks. These issues bleed easily into questions one have to consider concerning how to approach the field of automated and AI automotive security.
Some of these wireless technologies that are meant to enable self-driving cars to be truly autonomous are vehicle-to-vehicle (V2V) and vehicular ad-hoc networks. As such, these technologies are heavily researched now, especially for any potential inherent vulnerability that such technologies might bring with them (Kumar et al., 2020). Concerning the not so distant future of forensics, there are also novel techniques of gathering forensic data (Obimbo, n.d.).
As mentioned, many tools to diagnose modern cars are inaccessible to the public for several reasons. However, an open-source solution is also being developed, as a response to the very costly, locked-down and proprietary solutions (Greenberg, 2015) proposed by large corporations. Efforts like these democratise security by making sure everyone can have access to it, even without connection to the car manufacturer or an external security company. Similarly, it also decentralises security by making sure that no one large actor is able to control the narrative of the discussion; possibly refrain from disclosing, or even selling, potential vulnerabilities in a vehicle. This open- source mentality is strongly intertwined with the “Right to repair” movement that is very relevant at the time of writing (Svensson et al., 2018). As car get less mechanical and more intertwined with computers, having both the right and the means to repair one’s own vehicle is become much more vital to ensure personal freedom over the items in one’s possession, and that said items are doing what the manufacturer is claiming they should be doing; nothing more, nothing less.
In the realm of self-driving cars, there has also been done great steps towards making self-driving cars a viable alternative to driving the car oneself. As the cornerstone of a self-driving car’s existence might be attributed to wireless technologies, these wireless are expected to be the focus of malicious actors for the purposes of exploitation. Therefore, enough attention must be given to these areas before they become an actual problem.
Conclusion
With the expanding market of “smart vehicles” and general automotive automation, the possibility of accidents if such instruments should be compromised must be kept in mind. The data that these fast-moving devices generate can prove to be a valuable resource, as long as the people that have said information are the right people with pure intentions. The unifying principle for the cases mentioned is clear: no matter what the device is, the price to pay for not having secure devices can be grave. Whether there is a complete violation of the CIA principle or a “smart car” exploit that leads to the fatal accident of a victim, both examples signifies their importance in their own right and are both worthy of the attention from both established researchers, digital forensic investigators and hobbyist alike. In a future where everything is moving towards “smart”, we have to be wise in our decisions concerning security.
References
Bacchus, M., Coronado, A., & Gutierrez, M. A. (2017). The insights into car hacking. EEL.
Baig, Z. A., Szewczyk, P., Valli, C., Rabadia, P., Hannay, P., Chernyshev, M.,… Sansurooah, K., et al. (2017). Future challenges for smart cities: Cyber-security and digital forensics. Digital Investigation , 22 , 3–13.
Bastiaan, M. (2015). Preventing the 51 percent-attack: A stochastic analysis of two phase proof of work in bitcoin. Available at (http://referaat.cs.utwente.nl/conference/22/paper/7473/preventingthe-51-attack-a-stochasticanalysis-oftwo-phase-proof-of-work-in-bitcoin.pdf.
Berla. (2020). Berla vehicle forensics. Retrieved from https://berla.co/
Cimpanu, C. (2017). Chinese researchers hack tesla model x in impressive video. Retrieved from https://www.bleepingcomputer.com/news/security/chinese-researchers-hack-tesla-model-x-in-impressive-video/
Greenberg, A. (2015). A $60 gadget that makes car hacking far easier. Wired.
Jacobs, D., Choo, K.-K. R., Kechadi, M.-T., & Le-Khac, N.-A. (2017). Volkswagen car entertainment system forensics. In 2017 ieee trustcom/bigdatase/icess (pp. 699–705). IEEE.
Kumar, R., Chauhan, N., Kumar, P., Chand, N., & Khan, A. U. (2020). Privacy aware prevention of sybil attack in vehicular ad hoc networks. In Handbook of wireless sensor networks: Issues and challenges in current scenario’s (pp. 364–380). Springer.
Larson, A. (2018). What is an automobile black box. Retrieved from https://www.expertlaw.com/library/accidents/auto_black_boxes.html
O’Neill, P. H. (2017). Meet berla, the little-known company that can pull smartphone data from your car. Retrieved from https://www.cyberscoop.com/berla-car-hacking-dhs/
Obimbo, C. (n.d.). Bb-vdf: Enabling accountability and fine-grained access control for vehicular digital forensics through blockchain.
Pagliery, J. (2015). Chryslers can be hacked over the internet. Retrieved from https://money.cnn.com/2015/07/21/technology/chrysler-hack/index.html
Series, M. (2012). Advanced intelligent transport systems (its) radiocommunications.
Svensson, S., Richter, J. L., Maitre-Ekern, E., Pihlajarinne, T., Maigret, A., & Dalhammar, C. (2018). The emerging right to repair legislation in the eu and the us. Proceedings from Going Green - Care Innovation, Vienna.
Tam, K., Feizollah, A., Anuar, N. B., Salleh, R., & Cavallaro, L. (2017). The evolution of android malware and android analysis techniques. ACM Computing Surveys (CSUR) , 49 (4), 1–41.
Teoh, E. R., & Kidd, D. G. (2017). Rage against the machine? google’s self-driving cars versus human drivers. Journal of safety research , 63 , 57–60.
Tesla. (2020). Mobile app overview | tesla. Retrieved from https://www.tesla.com/support/energy/powerwall/mobile-app/mobile-app-overview
Toh, C. K. (2001). Ad hoc mobile wireless networks: Protocols and systems. Pearson Education.
Wenzel, S. L. (2017). Not even remotely liable: Smart car hacking liability. U. Ill. JL Tech. & Pol’y , 49.