He suggests ridesharing companies that use driverless cars could cover it with tamper-evident tape. But even then, they might only be able to narrow down which passenger could have sabotaged a vehicle to a certain day or week. A more comprehensive fix would mean securing the vehicle's software so that not even a malicious hacker with full physical access to its network would be able to hack ita challenge Miller says only a few highly locked-down products like an iPhone or Chromebook can pass.
Miller argues that solving autonomous vehicles' security flaws will require some fundamental changes to their security architecture. Their internet-connected computers, for instance, will need "codesigning," a measure that ensures they only run trusted code signed with a certain cryptographic key.
Today only Tesla has talked publicly about implementing that feature. Cars' internal networks will need better internal segmentation and authentication, so that critical components don't blindly follow commands from the OBD2 port.
They need intrusion detection systems that can alert the driveror riderwhen something anomalous happens on the cars' internal networks. Miller and Valasek designed one such prototype. And to prevent hackers from getting an initial, remote foothold, cars need to limit their " attack surface ," any services that might accept malicious data sent over the internet.
Complicating those fixes? Companies like Uber and Didi don't even make the cars they use, but instead have to bolt on any added security after the fact. This hack, however, is still possible on patched Jeeps like the one they tested. And the real reason for extending their Jeep attack is to demonstrate what the full consequences of a digital attack on cars or trucks would have looked like in the absence of that patch; Their full-speed attack on the Jeep's steering and acceleration is what could happen the next time sophisticated hackers find a wireless foothold on a vehicle's network.
And make no mistake, auto hackers say: there will be another wireless car attack method found sooner or later. Miller and Valasek's latest work shows, he says, that "if you can get on the right CAN bus through those vulnerabilities, you can use these techniques to take pretty dramatic control of the car. This content can also be viewed on the site it originates from. Instead of focusing on that initial wireless foothold, this time Miller and Valasek wanted to to bypass a set of safeguards deeper in vehicles' networks.
Vehicle CAN network components are designed to resist certain dangerous digital signals: The diagnostic mode that Miller and Valasek used to disable the Jeep's brakes, for instance, wouldn't work at any speed above five miles per hour, and the automatic parking assist feature they used to turn its steering wheel only worked when the vehicle was in reverse and traveling at the same low speeds.
But Miller and Valasek have now found techniques to bypass some of those safeguards, with disturbing results. Here's how their new attacks worked: Instead of merely compromising one of the so-called electronic control units or ECUs on a target car's CAN network and using it to spoof messages to the car's steering or brakes, they also attacked the ECU that sends legitimate commands to those components, which would otherwise contradict their malicious commands and prevent their attack.
By putting that second ECU into "bootrom" modethe first step in updating the ECU's firmware that a mechanic might use to fix a bugthey were able to paralyze that innocent ECU and send malicious commands to the target component without interference. The result: They're now able to override contradicting signals that tell the parking brake not to activate, for instance, and thus bring the vehicle to a halt from any speed in seconds.
And in combination with another vulnerability they found in the steering module ECU, they can disable the steering so that the wheel resists the driver's attempts to turn it. They can also digitally turn the wheel themselves at any speed. When they tested that last attack while driving at 30 miles per hour on an empty road running through cornfields north of St.
Louis, Miller and Valasek say they lost control of the Jeep, crashed it into a ditch, and had to wait for a friendly local to tow them out. In a separate attack that doesn't require any such ECU bootrom tricks, they also found they could turn on and alter the settings on the Jeep's cruise control, allowing them to accelerate the Jeep by tens of miles per hour in a few seconds.
But they note that as with any cruise control, the driver could simply hit the brake to disable that unintended accelerationif they notice that it's happening. A careful driver with two hands on the wheel could also overpower the steering attack, too, Miller and Valasek admit. That's what we want. We want it actually fixed. We don't want it broken forever," Valasek agrees.
Automotive security research is important, especially as automakers cram in more and more computers and networked components in the vehicles. Automakers need to improve how they secure their cars earlier in the production cycle because it is far easier to fix the issues while the models are still in the lab, than it is to issue a recall or release a patch.
There are several open source tools and hardware designs supporting car hacking. Security company GRIMM recently opened a security research lab for industrial control systems and connected vehicles. In , Valasek and Miller released their research notes on how they hacked the Jeep along with some tools that they used in order to encourage other people to dig into automotive security.
0コメント