Why vehicle security may require a different approach
Yoni Kahana, NanoLock
embedded.com (October 16, 2018)
With more than 152 million vehicles connnected to the Internet by 2020, it’s no surprise that engine control units (ECUs) are easy targets for attackers and other adversaries. This is supported by published reports on recent attacks on Volkswagen/Audi, BMW, and Tesla vehicles. And as cars become more connected, this trend will continue to grow.
Hacker Access
There are a number entry points, such as Wi-Fi, Telematics, Bluetooth that hackers can gain access to vulnerable ECUs. In April 2018, Computest reported vulnerabilities in Audi vehicles that enabled hackers to gain access via Wi-Fi to the in-vehicle network (IVN), gain root privilege, execute rough firmware updates and manipulate the gateway. In May 2018, Keen Labs published its research on BMW and demonstrated how they could penetrate the system via the telematics unit and change the gateway policy (among others) in order to gain control of the IVN. They also found code signing vulnerabilities that could be exploited to update the image to a rough image. And in 2016 and 2017, Keen Labs published their research on vulnerabilities in Tesla vehicles, where in both cases the team attacked the Wi-Fi. This allowed them to manipulate and modify the software or bypass the code signing verification. While this is not an exhaustive list, it demonstrates how many attack vectors are able to gain control over the ECUs and eventually take over commands in the vehicle.
To read the full article, click here
Related Semiconductor IP
- USB 4.0 V2 PHY - 4TX/2RX, TSMC N3P , North/South Poly Orientation
- FH-OFDM Modem
- NFC wireless interface supporting ISO14443 A and B with EEPROM on SMIC 180nm
- PQC CRYSTALS core for accelerating NIST FIPS 202 FIPS 203 and FIPS 204
- USB Full Speed Transceiver
Related White Papers
- A comprehensive approach to enhancing IoT Security with Artificial Intelligence
- How a Standardized Approach Can Accelerate Development of Safety and Security in Automotive Imaging Systems
- FastPath: A Hybrid Approach for Efficient Hardware Security Verification
- SoCs require a new verification approach
Latest White Papers
- FastPath: A Hybrid Approach for Efficient Hardware Security Verification
- Automotive IP-Cores: Evolution and Future Perspectives
- TROJAN-GUARD: Hardware Trojans Detection Using GNN in RTL Designs
- How a Standardized Approach Can Accelerate Development of Safety and Security in Automotive Imaging Systems
- SV-LLM: An Agentic Approach for SoC Security Verification using Large Language Models