The principal problem is that packets lack a sender ID and the protocol doesn't implement an efficient authentication mechanism. In the automotive, ECUs exchange CAN packets, and every packet is broadcasted to all the elements on the same bus, this means each node can interpret it. The CAN bus is also used in other industries, including aerospace and industrial automation. The CAN bus (controller area network) is the standard in the automotive industry, designed to allow data exchange between ECU and devices within a vehicle without a host computer. The intent of numerous specialists is to approach the car with the eyes of a hacker to explore security issues and demonstrate how it is possible to exploit numerous flaws to interact directly with principal components of a vehicle, including braking and steering.įigure 1 - Steering Video POC by Charlie MillerĮlectronic Control Units (ECUs) and Controlled Area Network (CAN)Įlectronic Control Units communicate together on one or more bus, based on the Controlled Area Network standard. "Then we will show how certain proprietary messages can be replayed by a device hooked up to an ODB-II connection to perform critical car functionality, such as braking and steering.Finally, we'll discuss aspects of reading and modifying the firmware of ECUs installed in today's modern automobile," reports an abstract related to the presentation done at the Black Hat security conference in August 2013.
#RESOURCE HACKER 2014 SOFTWARE#
Secondly, we will demo software to show how data can be read and written to the CAN bus. We will first cover the requisite tools and software needed to analyze a Controller Area Network (CAN) bus. This presentation will examine some controls in two modern automobiles from a security researcher's point of view. "Automotive computers, or Electronic Control Units (ECU), were originally introduced to help with fuel efficiency and emissions problems of the 1970s but evolved into integral parts of in-car entertainment, safety controls, and enhanced automotive functionality. The massive introduction of electronics requests a serious approach to the overall security of those parts. Recently, Charlie Miller, one of the most popular hackers, demonstrated working with Chris Valasek, director of security intelligence at IOActive, the possibility to hack a car by breaking into the control system of the vehicles.Ĭars are complex systems composed of numerous intelligence components that control different functions of the vehicle. The safety of the automobiles relies on near real time communication between the different ECUs for predicting crashes, performing anti-lock braking, and much more. Modern cars contain upwards of 50 electronic control units (ECUs) that exchange data within an internal network.
0 kommentar(er)
