Today’s automobile contains a myriad of computers. While this advancement allows automobile to be more efficient and safer, that comes with new potentials risks. It is not clear if, by making car safer while using computers, automobile manufacturers thought about those computers becoming a threat if used maliciously.
In this landmark research, Karl Kosher et al. showed the risks car networks and computers (e.g. CAN and ECU) by demonstrating what an attacker by accessing the internal network of an automobile. They were able to control a wide range of automotive functions and completely ignore driver input; including disabling the brakes, selectively braking individual wheels on demand, stopping the engine, and more. The researchers assessed how much resilience an automobile has against a digital attack. Unfortunately, their response is “little”.
If you are interested in vehicle security this is a paper that you should read as a foundation for this rapidly developing field. It provides a clearly explained and well-designed set of experimental studies of vehicle security and a good outline of vehicle security considerations.
K. Koscher et al., “Experimental Security Analysis of a Modern Automobile,” 2010 IEEE Symposium on Security and Privacy, Oakland, CA, USA, 2010, pp. 447-462.
If you still want to know more about automotive security, you can watch Adrian Taylor’s presentation “ anomalies on the automotive control bus with machine learning” from the SERENE-RISC 2017 Fall Workshop.