Trend Micro discovers 'indefensible' car security/CAN standard flaw

Trend Micro claims to have discovered a hack is found that is not only successful in being able to drastically affect the performance and function of the car, but is also stealthy and vendor neutral. Discovered by researchers at Politecnico di Milano, Linklayer Labs and Trend Micro’s Forward-looking Threat Research (FTR) team, the hack is said to be currently indefensible by modern car security technology and to completely resolve it would require broad, sweeping changes in standards and the ways in-vehi
August 18, 2017 Read time: 3 mins
Trend Micro claims to have discovered a hack is found that is not only successful in being able to drastically affect the performance and function of the car, but is also stealthy and vendor neutral.


Discovered by researchers at Politecnico di Milano, Linklayer Labs and Trend Micro’s Forward-looking Threat Research (FTR) team, the hack is said to be currently indefensible by modern car security technology and to completely resolve it would require broad, sweeping changes in standards and the ways in-vehicle networks and devices are made. Realistically, it would take an entire generation of vehicles for such a vulnerability to be resolved, not just a recall or an OTA (on-the-air) upgrade.

The researchers say it abuses the Controller Area Network, or CAN, network protocol that connects all in-vehicle equipment, parking sensors, airbag, active safety system and infotainment systems and allows them to communicate. The standard for this network is called a Controller Area Network, or CAN.

Trend Micro’s online blog says, “It’s not the car manufacturers’ fault, and it’s not a problem introduced by them. The security issue that we leveraged in our research lies in the standard that specifies how the car device network (i.e., CAN) works. Car manufacturers can only mitigate the attack we demonstrated by adopting specific network countermeasures, but cannot eliminate it entirely. To eliminate the risk entirely, an updated CAN standard should be proposed, adopted, and implemented. This whole process would likely require another generation of vehicles.”

David Barzilai, co-founder and chairman, automotive cyber-security firm 8519 Karamba Security, agrees with Trend Micro that the CAN protocol can be abused, causing it to disable devices on a CAN network, and that 7178 IDS systems will not be able to help against such an attack.
 
However, he says, In order to remotely launch Denial of Service (DoS) CAN attacks, a hacker must compromise an externally-connected electronic control unit (ECU) and interfere with its factory settings. Such interference enables the hackers to start sending CAN messages that generate errors leading to a device DoS.
 
“Instead of changing the legacy CAN protocol in all cars that use it (practically all vehicles), the industry should harden the externally-connected ECUs according to their factory settings, to prevent any unauthorised change to the ECU. Blocking such changes enables the industry to prevent cyber-attacks, including the DoS attack that Trend Micro reported on.”

Location Based Systems

For more information on companies in this article

Related Content

  • Machine vision needs standards to fulfil ITS demands
    May 28, 2014
    No-one should expect the enabling qualities of machine vision to come free of charge but Jason Barnes finds there is still much that ITS stakeholders can do to help reduce costs. After many years of application in high-end solutions for the enforcement and tolling sectors, machine vision is gaining traction in more general areas of traffic management. Nevertheless, those OEMs producing transport-oriented solutions which incorporate machine vision and looking to increase the technology’s share of the ITS mar
    Read More
  • Kapsch ‘opens the way’ to interoperability
    July 30, 2013
    Richard Turnock, chief technology officer of Kapsch TrafficCom North America explains what advantages its newly-opened TDM protocol can offer as a US-wide standard for tolling interoperability. The electronic tolling industry across the United States is evolving. Historically it was characterised by clusters of interoperability where a motorist may be able to use the same transponder across a large area, such as the 15-State E-ZPass system, or be confined to a single State system. Now, however, the industry
    Read More
  • Does ADAS create as many problems as it solves
    September 23, 2014
    Victoria Banks and Neville Stanton [1] of Southampton University’s Transportation Research Group examine the real impact of creeping driver automation. Safety research suggests that 90% of accidents are thought to be a result of driver inattentiveness to unpredictable or incomplete information and the vision is that highly automated vehicles will lead to accident-free driving in the future.
    Read More
  • Scaling up road safety analysis with Aimsun cloud simulation
    May 10, 2023
    Synthetic generation, execution, and analysis of thousands of road safety scenarios is exponentially more efficient and wider ranging than any methodology based on field data. Marcel Sala & Jordi Casas of Aimsun examine the benefits of cloud simulation for safety testing
    Read More

Highlighted Content