CAN Bus Hacking - The Modern Threat to Your Vehicle
You will get efficient and thoughtful service from sonnepower.
If you’re a Criminal Minds fan, you’ll know this TV drama produces fictional and enticing crime episodes where police and FBI agents investigate unique crimes and their perpetrators. One recent episode, “Collision Course”, focused on a crime where a hacker targeted vehicles and took control of the vehicle’s controller area network, otherwise known as the CAN bus.
Throughout the episode, the perpetrator was able to control multiple parts of the targeted car by hacking into the vehicle’s dash cam to watch the road, and then were able to gain control over steering, brakes, and throttle remotely, all from the hacking the CAN bus. The hacker even put up a firewall to prevent others from stopping him.
While this television episode did include some "Hollywood" aspects to make it more entertaining, it does address the wider technological issue that faces our society, especially as we move towards a world of connected devices, automated cars, and the IoT. Is CAN bus hacking in vehicles a genuine concern? Why is it becoming such a big issue now, and what can consumers do to protect themselves and their families against the threat of a vehicle hack?
Let's try to unlock some of the answers by digging deeper into the realities of CAN Bus hacking.
The term CAN is an abbreviation of Controller Area Network. CAN is a communication protocol, or a set of rules for communication between network devices, that is part of an automobile’s embedded system. CAN was first created by the company Bosch in the 1980s to help efficiently and safely control the numerous electronic devices used in a car at one time. This can include everything from power windows, brakes, power steering, radio systems, GPS, car mounts for phones, and more. CAN is known for its ability to operate multiple devices, or nodes, on the same bus without a centralized host computer. Each device is its own master and the devices work together using an arbitration process that relays messages and prioritizes those with immediate requirements.
The development of the CAN protocol did not begin until 1983, and the protocol itself was not released for use in vehicles until 1986. At this time, many of the functions of your typical consumer-class automobile were still mechanical, not controlled by a computer. The CAN protocol allowed car manufacturers for the first time to expand the number of on-board microcontroller systems that could function in the vehicle and save money on copper wiring in the process.
You might be wondering: Is CAN bus hacking something that Hollywood created to sell a TV series, or can people actually hack into cars without physically touching them? As it turns out, CAN bus hacking is a genuine threat that anyone interested in purchasing a self-driving car should be prepared to face. In 2015, as reported by Wired, Chrysler issued a recall on 1.4 million units of Jeep after a group of hackers demonstrated how they accessed a Jeep's digital systems using a laptop and the internet. Hackers can also use the vehicle on-board diagnostics, or OBD port, as an entry point to facilitate a hack.
With recent advances in the automotive industry, it’s very common for car makers to incorporate wireless systems in their vehicles. These can range from bluetooth connectivity features that allow users to interface their mobile phones with the vehicle for functions like making calls or playing music, to Wi-Fi enabled IoT components for self-driving cars. When on-board systems with microcontrollers that access the CAN bus are also capable of Wi-Fi connectivity, it becomes possible for hackers to gain entry to the CAN system and disrupt vehicle systems.
The cars that are progressively adopting a wireless set up are considered to be part of the “Internet of Things” (IoT), or as the Washington Post article, “Hacks on the Highway” calls it, “Internet of Targets”. The article comments, “cars sold today are computers on wheels, with dozens of embedded chips running millions of lines of code.” Car makers are essentially turning the modern automobile into a smartphone. Many cars provide entertainment and navigation systems, and even allow phone calls to be taken using Bluetooth. Wi-Fi hot spots in vehicles are becoming increasingly popular as well. This allows people who know the car’s IP address to track them from anywhere in the world. Once hackers get inside, it’s possible for them to rewrite firmware and take control.
Bluetooth systems in vehicles can be accessed externally by hacker devices and contain data that could be exposed by CAN bus hacking. A bluetooth-enabled GPS like the one pictured here may contain data about your travel history or other identifying information.
If you're a consumer that wants to protect your vehicle from CAN bus hacking, the best thing you can do is limit access to the vehicle by ensuring that you store it in a private garage away from public view.
For developers of on-board systems for vehicles, however, there is plenty of additional work to be done when it comes to preventing car vulnerabilities in CAN bus hacking. For starters, car manufacturers can begin to separate the systems in vehicles onto different networks. This helps to ensure that an exposed vulnerability does not grant the hacker access to all of the vehicle's systems right away. Manufacturers can also introduce features like automatic software security updates, taking advantage of Wi-Fi and connected capabilities in vehicles to enhance their security on an ongoing basis and as new vulnerabilities are discovered.
Just like some technology companies have offered special bounties or rewards to hackers that can penetrate their security systems, car manufacturers could establish bounties for successful car hacks, challenging benevolent security experts to expose flaws in vehicle security for a reward. Manufacturers should also make it easier for researchers to report vulnerabilities that they discover.
Finally, car manufacturers should begin exploring encryption methods that can help encode and secure data that is transmitted on the CAN network. In the past this would have been unnecessary, but today's connected vehicles are simply too accessible to be operated without any kind of encryption security.
Car manufacturers are now fully aware that CAN bus hacking is a real possibility, and some plan to manufacture cars to make them incapable of being hacked. The good news is with the promise of self-driving cars about to become a reality, top car manufacturers are already collaborating with major technology companies that are poised to solve the security problems we're seeing in the world of vehicle electronics.
Still, other manufacturers are questioning the cost-to-benefit ratio associated with developing advanced security systems for vehicular applications. These days, cybersecurity is everywhere, but for vehicles to have a similar shield of protection as phones and computers, it will be years before we catch up to speed.
Total Phase offers a variety of CAN tools for debugging and monitoring CAN systems. Learn more about the CAN tools offered by Total Phase here.
Have specific questions? Contact sales@totalphase.com for details about Komodo CAN Interfaces and other Total Phase products. You can also request a demo that applies to your application.
Request a Demo
I think I'm running into the limits of the firmware in my battle for cam control - and for a street car - i want it nigh on perfect.
Contact us to discuss your requirements of can bus dashboard. Our experienced sales team can help you identify the options that best suit your needs.
And much to the dismay of my younger self - I actually need to drive at less than full throttle everywhere and want economy at less than full throttle from a car these days.
As no-one else was able to answer me about my cam control forum question apart from a couple of people with motec systems that made me envious of the results they had - I'm half thinking of swapping from my current ecu to the m130 platform as it obviously runs the k series engine nice and accurately.
I was checking out prices for these compared to what I currently have
an m130 with a gpa licence from the local dealer is $3,663.33 inc GST
the wideband controller for it seems to be a Motec Lambda To CAN (LTC) which works with the LSU 4.9 sensors and is another $706.80 inc GST (+ the cost of a sensor)
the ecu I'm thinking of replacing is an haltech elite 2500 for $2936 inc gst
the can wideband for it is $450 inc grab snatch 'n' take - but I'd be keeping the sensor as i doubt someone would want a used o2 sensor
So I might be able to sell my current ecu and wideband controller for $3k and spend a "bit" more and get a motec or something that will give me the results I want from an aftermarket ecu.
I don't know much about motec - but I've heard horror stories of needing to update firmware and licenses all the time and getting charged for things left right and center - but now it seems to be simpler than that..
So - if someone purchased an m130 with gpa license you get the ecu - the usb key - the gpa firmware license and thats it?
ignoring the wiring loom - are there any other costs you'd need apart from the wideband controller?
Does it use special logging cables or just a normal usb cable?
If you get the wideband controller will it wire in directly to the ecu or do you need an additional can controller module or something like that?
I don't need GPR firmware from the sounds of things or advanced logging stuff because the standard GPA firmware and logging looks from the webpage like it'll do more than enough for a street car.
Are there any additional costs if I just want to run a road car with a wideband and knock control?
Is buying the motec ecu and wideband controller and gpa license a one time cost or does it ping you down the line later on?
Are motec GPA firmware updates free if they do them like haltech/link firmwares are?
@Adam from Link - any advice on how accurate the k series vtc cam control is on a link ecu compared to motec / haltec and how the costs would compare at all?
All I want is *accuracy* for fueling / ignition / cam control that stays accurate everywhere in the rev / load ranges and doesn't get flaky if load and rpm changes and by accurate i mean cam control that is really spot on accurate + or - "a few degrees" is not acceptable
I also want to have the option to revert my car to factory at any time so irreversible hondata isn't an option for me for various reasons.
If anyone has things they would like to opinion on but dont want to post in a public forum - you can email me at 9fpwh40h at duck.com (love duckduckgo email filtering and throwaway email addresses)
For more information, please visit what is a can bus system on a vehicle.