Safely connecting cars in the future

Modern day cars are packed with the latest technologies and onboard computers that may have first been tested within the world of motorsport, to help your everyday drive. But have you ever wondered how it all works when you are behind the wheel?

There may be some car enthusiasts out there who can easily explain the differences between the Atkinson and Miller cycle. However, it’s likely that most people see the car that they drive only as a means of getting from one place to another. Most drivers don’t think about what happens under the bonnet when they accelerate or turn the steering wheel.

A look back through the ages.

The evolution of cars is mind-blowing, from the very early years of the first road car in 1886, to cars of the present day, which covered many different purposes from road cars to racing cars. The pace of change must have exceeded the original automotive pioneers’ expectations by some distance. From the early era of mechanical components, such as a wire that directly connected the gas pedal to the throttle and added the fuel mixture to the cylinders when pressed on road cars. It was also fed into the first racecar developed in the United States in 1895. Technology has progressed at such a rate that modern day cars are made up largely of electronic components.

As time has progressed, enhancements such as engine control units (ECU’s) and anti-lock braking systems (ABS) were introduced to cars, increasing not only the performance but also the technological sophistication. ABS systems had developed from the early 1900’s, but were known as ‘Four Wheel Brake Systems’. This technology was then later used on road cars in the 1930’s. Great progress was continuing to be made and in 1953, the first disc brakes were tested on a Jaguar C-Type racing car.

Our friend and colleague Andrey Nikishin from Kaspersky Lab explains a little about the technology and function of the ECU & ABS in road cars and adapted from racing cars.

“Before electronic units appeared, the carburetor performed functions of injecting an air–fuel mixture of desired consistency into the engine’s cylinders, and engineers focused on improving carburetors. The first electronic engine control units were developed by Italians for the Alfa Romeo 6C2500 model in the mid-1950s. The unit was named Caproni-Fuscaldo.1

As for antilock braking systems, the technology was patented by Bosch in 1936. But the actual realisation of the idea then failed as a result of deficient digital electronics, whose function was to halt the wheels in a split second. The first successful samples of production ABS appeared in Daimler-Benz cars thanks to the talent of engineer Heinz Leiber, who prior to joining Daimler had worked for Teldix GmbH, where he developed the basics of the ABS.”

As car technology advanced, a Controlled Area Network (CAN) Bus was designed to help limit the growing number of wires found in the chassis of the car. The sole purpose of the CAN was to reduce the amount of wires and weight of the cars, and then connect each component by communicating with each other in applications. An addition to the world of motorsport that would gain racecars those all-important tenths per lap in the 1980’s.

The success of this added electronic device was first tested in 1986 with BMW in their 850 Coupe. It helped to reduce wiring length by an astonishing 2 km and saved 50 kg of car weight. Now all modern day cars are equipped with the CAN bus, which have become a legal requirement. They are also fitted on racecars to read vehicle data and telemetry. Common parameters such as engine speed, coolant temperature and throttle position are often checked during races.

What does the future hold?

The car industry is heading to its third evolution – ‘connected cars’ or ‘network connected cars’. Put simply, this means a car that has the ability to connect to the Internet and features a wireless Local Area Network, connecting it to the Internet and onwards to additional services for the car manufacturer and the driver. For example, automatic updates maybe downloaded to the car’s GPS system to avoid current traffic jams, and telemetry data can be passed to the manufacturer or 3rd parties like insurers for troubleshooting prognosis, driving style classification and much more!

For the world of motorsport, the future leans towards a more data rich era of racing. Teams will continue to depend on data that is fed back to them to optimize and fine-tune car set-ups. As computer systems become more complex within motorsport, real time data is the currency of a successful team. Telemetry will be fed to the drivers more consistently over secure radio systems and the data can be stored within cloud services. For example, Formula 1™ is the epitome of a data rich sport as drivers rely on the team to advise and update of any unusual readings from telemetry.

“We are working on a new generation of vehicles that truly serve as digital companions. They … learn your habits … adapt to your choices … predict your moves … and interact with your social network.” - Dr. Dieter Zetsche, chairman of the board of directors of Daimler AG.

However, there is always an underlying threat from cyber villains, who are already targeting in-car software and hacking into vehicles each and every day.

A recent example came from a USA based team racing in NASCAR. The Circle Sport-Leavine Family Racing team who raced the #95 was held to ransom when their team data was hacked. They noticed that a machine on their network was loading many of their documents to DropBox where they hold all their digital files. When the team leader went to open these files some time later he found that they had all been encrypted and a screen popped up telling him he needed to pay a ransom to decrypt their files. The team estimated that their files were worth over $2,000,000 to them. Unfortunately they were left with no option but to pay to regain their data files.

A similar event happened more recently with JEEP-Cherokee in the USA. Hackers passed through various levels of car security to re-write the external IP-address to the ‘Uconnect system’ to gain access to the vehicle’s onboard computer, taking control of air conditioning, the radio and windscreen wipers.

From Kaspersky Lab’s point of view, connected road cars are much more than computers on wheels. They are a cyberphysical device or a digital unit that offers an array of varied cloud services to tailor to each driver. Mobile devices are also included in this equation which can communicate with both the cloud services (e.g. music streaming) and then also the car (Bluetooth).

Through this diagram we can easily see all the elements that are involved in connected cars, which helps us identify potential vulnerabilities and attack points. Some of the key threat vectors can be seen in this list:

Why hack a vehicle?

Like many cybercrimes, one motive is money. Imagine starting off for work one morning, only to find a message on your display screen asking you to transfer Bitcoins or send cash via PayPal in order to unlock your car. What would you do?

Another reason could be espionage. In today’s age, cars are used for much more than the daily commute; they’re a place to meet, a place to hold meetings and to negotiate in. In a connected car it’s easy for a hacker turn on microphones or use car cameras to gain access to exclusive information and eavesdrop on commercially sensitive conversations. Similarly in the world of motorsport, cybercriminals’ main goal is to hold the team to ransom for cash. Aside from financial risks, hacking also means confidential team data can be placed on the Internet for all to see.

How can Kaspersky Lab help?

The experts at Kaspersky Lab work day in, day out to understand the ever-evolving risks and possible threats. Armed with this insight, they find solutions to help car manufacturers and motorsport teams (such as Scuderia Ferrari’s IT systems) to protect automotive software and onboard electronics.

The team’s approach is the internal security of modern day cars, which is based on two principles – isolation and controlled communications.

  • Isolation of communications works to ensure that potentially connected entities such as in-car infotainment applications won’t affect each other or the network that they operate on if compromised. This principle is already in place on aircraft and is now being migrated to the automotive world.
  • Controlled communications is the use of cryptography and authentication for sending and receiving data inside the car. Both of these techniques must work cohesively with the car’s pre-existing security policies.

This two-pronged plan is fundamental to KasperskyOS, a microkernel operating system with controlled interprocess communication. Each logical domain has its own IP address and is supervised by the security monitor. The security of this is paramount for a team such as Scuderia Ferrari.

“The elements of on-board electronics that control critical car functions and are presumably vulnerable to attacks consist of a head unit (HU) and electronic control units (ECU). The latter form a network of controllers in a modern car — engine control, powertrain control, suspension control, and so forth. As a result, we can see a lot of potential applications for the Kaspersky OS within the connected car industry. By design, Auto 3.0 requires a change in the security architecture mindset”. Andrey Nikishin – Kaspersky Lab.

In summary, today’s connected cars have a huge array of cloud services such as downloadable maps and navigation, traffic information and road conditions, driving quality monitoring and much more! Motorsport teams are relying heavily of car and track telemetry to make the best-informed decisions.

As technology evolves, cars will be sharing gigabytes of data and helping to make driver decisions, vastly improving the lives of drives and safety of pedestrians. However, if the security of cloud infrastructure, authentication, data traffic encryption and key management and storage is not effectively managed, then cyber criminals can find an open door with relative ease. A similar approach will apply to motorsport teams throughout the Paddock.

The future is exciting, having looked at where cars have started to where cars are today. Kaspersky Lab’s task is to ensure that cyber security remains paramount.

(Source: Thanks to our friends Andrey Nikishin & the Kaspersky Lab team)

Trending Stories

The KM Emoji Hunt

more

Spooky abandoned tracks - Part one

more

Ransomware is now a real threat for motorsport teams

more