31-08-2017 | | By Paul Whytock
There has been a spate of news recently about how today’s electronically sophisticated cars are vulnerable to hacking and a recent story that Chinese researchers posing as hackers were able to gain access to a stationary Tesla electric car from 12 miles away has frighteningly serious safety implications. From that distance they where able to tamper with the cars braking systems which could cause a serious accident if the car was travelling at speed.
What this and many other vehicle software security incidences has highlighted is the vulnerability of the Controller Area Network (CAN bus) used in vehicles to facilitate communication between the vehicles’ electronic control systems.
Old SystemThe problem is the CAN bus system is old. It was developed way back in 1983 by German company Bosch and was released in 1986. The first CAN controller chips were produced by Intel and Philips in 1987 and the 1988 BMW 8 Series was the first production car to feature a CAN-based multiplex wiring system. Since then CAN standards have been gradually developed and improved but the hard fact is its protocol cannot withstand modern hacking.
That’s because it remains a low-level protocol which means it does not have integral security features. There is no encryption in standard CAN implementations which leaves these networks open to infiltration. What it should be able to do is authenticate incoming commands and messages or the presence of certain devices on its network. Inability to do this can result in various sorts of attacks if the hacker succeeds in placing messages on the bus.
Simply put, CAN bus is wide open to criminal infiltration. But what are the car manufacturers doing about it. Part of the problem is money and whereas the car makers are quite happy to charge some very high prices for sophisticated models that feature all the latest electronic gizmos they are reluctant to invest in the updating of CAN bus to ensure system security. Not only would this represent a very complex task but an expensive one. Re-engineering a dated legacy system which is already extremely complex is a monumental task particularly given the existing structure has no form of intrinsic authentication and getting a significantly robust authentication method into CAN bus is not feasible.
Cannot CopeSo why bother struggling with the old system which cannot do a secure job in allowing a vehicles ECUs to communicate with each other? Why not just dump it and go for something more capable? This has indeed been suggested and two ides have some merit; Ethernet and FlexRay.
When it comes to Ethernet, which lets face it has a time and tested reliability in computer related applications, the car industry is already giving that technology serious consideration. In fact The Society of Automotive Engineers has already published a specification for a version of Ethernet that could potentially be used as the basis for a secure vehicle networking/communication system.
The other often discussed CAN bus alternative is FlexRay and this has some real technical advantages over CAN in that it can handle synchronous and asynchronous transmission of messages, has a considerably higher data rate, has clock synchronization and predictable jitter characteristics. But that’s about it when it comes to that system because despite these aforementioned advantages FlexRay is still potentially a hackable risk which would allow a hacker access to all the data present on a FlexRay system. One of the problems is it is vulnerable to fake error messages.
More SecureSo of the two possible alternatives Ethernet may prove the more secure given its increased bandwidth, its technical relationship to Internet of Things developments and the fact existing security structures could be implemented with reasonable ease into vehicle networks.
Now whether or not the car makers will take heed of these potential alternatives to CAN bus and get their corporate wallets out and invest in the necessary development is another matter.
I suspect that if they dilly-dally and subsequent lethal road accidents happen then the car manufacturer that takes the lead in making its vehicles hacking immune will see a well-deserved leap in their market share figures.