Why vehicle security may require a different approach
Yoni Kahana, NanoLock
embedded.com (October 16, 2018)
With more than 152 million vehicles connnected to the Internet by 2020, it’s no surprise that engine control units (ECUs) are easy targets for attackers and other adversaries. This is supported by published reports on recent attacks on Volkswagen/Audi, BMW, and Tesla vehicles. And as cars become more connected, this trend will continue to grow.
Hacker Access
There are a number entry points, such as Wi-Fi, Telematics, Bluetooth that hackers can gain access to vulnerable ECUs. In April 2018, Computest reported vulnerabilities in Audi vehicles that enabled hackers to gain access via Wi-Fi to the in-vehicle network (IVN), gain root privilege, execute rough firmware updates and manipulate the gateway. In May 2018, Keen Labs published its research on BMW and demonstrated how they could penetrate the system via the telematics unit and change the gateway policy (among others) in order to gain control of the IVN. They also found code signing vulnerabilities that could be exploited to update the image to a rough image. And in 2016 and 2017, Keen Labs published their research on vulnerabilities in Tesla vehicles, where in both cases the team attacked the Wi-Fi. This allowed them to manipulate and modify the software or bypass the code signing verification. While this is not an exhaustive list, it demonstrates how many attack vectors are able to gain control over the ECUs and eventually take over commands in the vehicle.
To read the full article, click here
Related Semiconductor IP
- Bluetooth Low Energy 6.0 Digital IP
- Ultra-low power high dynamic range image sensor
- Flash Memory LDPC Decoder IP Core
- SLM Signal Integrity Monitor
- Digital PUF IP
Related White Papers
- A comprehensive approach to enhancing IoT Security with Artificial Intelligence
- How a Standardized Approach Can Accelerate Development of Safety and Security in Automotive Imaging Systems
- FastPath: A Hybrid Approach for Efficient Hardware Security Verification
- SoCs require a new verification approach
Latest White Papers
- How Next-Gen Chips Are Unlocking RISC-V’s Customization Advantage
- Efficient Hardware-Assisted Heap Memory Safety for Embedded RISC-V Systems
- Automatically Retargeting Hardware and Code Generation for RISC-V Custom Instructions
- How Mature-Technology ASICs Can Give You the Edge
- Exploring the Latest Innovations in MIPI D-PHY and MIPI C-PHY