Researchers with the Center for Automotive Embedded Systems Security (CAESS) have found a way to hack into cars and control vital functions, including braking. This week, the university researchers will present their paper “Experimental Security Analysis of a Modern Automobile” at the upcoming IEEE Symposium on Security and Privacy in Oakland, CA, taking place Wednesday.
In late 2009, the researchers demonstrated the ability to hack into late-model cars by plugging a laptop into a standard diagnostic computer port. Then, driving in another vehicle located to the hacked car, the researchers were able to disable the brakes, lock the doors in the car, keeping passengers from exiting, change the speedometer readings and turn on music and heating.
The ultimate goal of the research is to remind car manufacturers that they too must consider security from hacking when manufacturing vehicles.
“We think this is an industry issue,” Stefan Savage, an associate professor with the University of California, San Diego, said.
“In starting this project we expected to spend significant effort reverse-engineering, with non-trivial effort to identify and exploit each subtle vulnerability,” the researchers write in their paper. “However, we found existing automotive systems—at least those we tested—to be tremendously fragile.”