The scariest vulnerabilities in driverless cars


From Chevy, Ford and Hyundai to Mercedes and Jaguar, ‘smart’ features have become the norm in many mainstream car brands.

There is no doubt wireless connectivity is bringing convenience with features such as remote keyless entry, automatic pay for gas, map applications, in-car mobile devices, self-parking and more – but with this convenience comes an increased risk of car theft, hack of personal data, and even hack of car’s security features.

One of the most common scenarios that poses a security weakness is remote keyless entry. The possibility of car theft is increased due to the pervasiveness of keyless passive entry systems and their vulnerability to jammed RF channels – and more importantly, to relay attacks.

A relay attack scheme is when a thief follows you when you leave your car while a second thief stays nearby your car. The thief following you will emulate the signal of your car and your key fob will answer like if the car was nearby. The thief then relays this signal back to the second thief who stayed nearby your car to open it even if you are hundreds of meters away by using long range RF communication in the middle.

>See also: The future of driverless cars and data security

Another scenario, and one of the scariest, associated with many connected cars that use wireless communication to connect between some components and the car’s controller and dashboard, is someone else taking control of the car wirelessly while you are driving in it.

Because cars are unable to distinguish whether their wireless communication was being used from inside the car or the car itself, or from outside the car, it makes it easy for hackers to intercept communication.

For example, there have been reports of unsecured wireless communication between tire pressure sensors and the car’s dashboard being leveraged to hack into the car’s dashboard and controller by sending erroneous data letting the car believe one of the tires had a puncture. Or more recently, some connected cars can enable hackers to turn off the car’s alarm wirelessly – making it a ‘silent gift’ for breaking in to.

There are also information security challenges with in-car mobile devices. If a connected car has a built-in, tablet-like device, which most cars do now, the car owner will most likely connect his contact list and calendar to be synchronised with the car’s device so the car can drive to, and communicate with, friends and scheduled events.

Additionally, as connected cars continue adding valuable features, such as sharing location information with mechanic shops and insurance companies, these features will use and link to the car owner’s or driver’s information, and make them more vulnerable for hackers to steal personal information as they can connect to the car wireless network even if they are not within the car.

Then there is the future vision such as automatic payment for parking or toll roads. Many car companies envision a scenario where a connected car can pull up to a payment station and the car’s computer communicates with the payment station to make the payment.

However, one of the challenges of implementing this vision is whether a car can verify it is communicating with the right payment station at the right time.

Can a car that is waiting to exit communicate with the car behind it, trick the second car into thinking it is at the payment station and give payment details, and use those payment details for its (the first car’s) own payment?

These types of wireless payment systems are susceptible to several variants of a man-in-the-middle attack.

In each situation, what the connected car really needs is to know, verifiably, that the device with which it is communicating is within a given distance of a given location.

The car being asked for payment information at a pay station needs to verify that the pay station with which it is communicating is located within a meter of the driver side window.

The connected car that receives control instructions needs to verify that the device that is trying to take control of the car is actually inside the car.

About now it may seem like all is lost with connected cars. What’s the point of a car being more convenient if it’s just more hackable?

One way to intercept many of the connected car hacks is by creating a ‘security bubble’, which is a system that allows the connected car to verify the device with which it is communicating within a given distance.

The technical task of a secure bubble is actually straightforward. A secure bubble is defined based on a location, presumably relative to the car, and the size and shape of the bubble. Then a system must be put in place to request and receive locations of devices communicating with the car system, to determine whether those devices are in or out of the secure bubble.

The secure bubble and trusted positioning adds an extra layer of security on top of passwords and encryption by limiting the zone or even defining exact physical locations from which the data communication will be authorised. This protects from relay attacks and man-in-the-middle schemes.

Using ultra-wideband (UWB) wireless micro-location technology can more accurately enforce a security bubble and detect when unauthorised applications are attempting communication.

>See also: The battle for a driverless car network: can all survive?

UWB radio is a location technology that delivers the accuracy, speed and embeddability that connected cars need. It can measure location to within 5-10cm, which is much more accurate than can be achieved using WiFi or bluetooth.

UWB was designed for location positioning, using fast impulse transmissions and sharp spikes for easier measurement of time of flight. This enables more accurate measurement with less susceptibility to noise and other error.

Additionally, UWB technology is always measuring the time it takes for the signal to travel between two specified objects – so if you try to relay it, it will be immediately detected as it will take longer than what is defined by the secure bubble.

Many next-generation automotive technologies are going from research to development to market. As they do, component technologies such as UWB can enable the precise location tracking that is needed to ensure safety and security.

On the horizon are additional exciting automotive developments that can be supported securely now that location can be tracked accurately.


Sourced from Luc Darmon, CMO, Decawave

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics