The scientists from the University of California San Diego and the University of Washington in Seattle claim that they have proved experimentally that a hacker has access to all ECUs and computers under the hood once he has managed to infiltrate just one ECU, since all on-board controllers and computers are internally networked. What's more, the scientists claim they were able to override driver input and, for instance, activate or deactivate brakes or stop the engine. (To read the scientists's paper please click here)

Against the background of increasing electronics content not only in the realm of engine, body and undercarriage controls, but also in the infotainment segment, the group states that the “attack surface” of modern cars is growing rapidly – in other words, the more electronics a vehicle contains, the more vulnerable is the car against malicious attacks. While this seems a logic assumption on a theoretical level, the group proved that there is also a practical aspect.
 

As the main gateway to the electronic inner world of the vehicles, the scientists identified the on-board diagnostics interface (OBD-II), but also various wireless telematics connections. “We have been able to monitor and control our car remotely over the internet,” the scientists state. As soon as they had access to the OBD-II, it was possible to maliciously bridging the car's internal subnets and gain control over more all ECUs and actuators. For instance, in order to activate or deactivate the brakes, they accessed the ESC and ABS systems implemented in most of today's cars, and manipulated the software of these controllers.

Nevertheless, the hack apparently was not such an easy task. Commercially available tools to monitor and analyze the CAN bus data traffic “were not appropriate for our use,” the researchers admit. Instead, they had to implement a custom CAN bus tool they fittingly called CarShark. The most critical barrier, the physical access to the OBD-II port, has intentionally been skirted in the paper.

EE Times Europe Automotive has asked several car OEMs and automotive-related organizations to which extend the attack described is relevant for the real world. We will publish their statements as soon as they are available.