Current trends in automotive industry are changing the car more and more from mechanic engineering towards electric engineering. The car is starting to resemble more to a computer with mechanical peripherals, yet the same does not seem to happen on its security. One big step towards securing cars was of course the introduction of immobilizer, yet as everyday living shows, new vehicles are still being stolen. Immobilizers can be bypassed by one of the following methods:
• Disable the immobilizer by replacing factories’ ICM that contains and controls data, with a new masquerading unit, thus the immobilizer can’t be activated.
• By attaching an electronic device between the computer unit and the OBD. We are able to decode the immobilizer, allowing the deletion of existing system.
• Copy the e-keys of the immobilizer units.
• Tapping the transmitted signal-code.
• Accessories Attacks (MP3 players, infotainment system).
• DoS from RFID Zapper. Immobilizers use RFID authentication.
Of course there’s always the possibility of using after-market audible alarm device, yet this usually does not prevent stealing, but rather deters, moreover if not properly installed, it may create new entry points.
In order to patch some of these security breaches and create a more extensible in-vehicle computer system, we propose the use of a TTP entity inside the vehicle, which sends the ignite signal to the engine only if the main parts of the vehicle have properly been authenticated. The vehicle’s MCU takes the role of the TTP, therefore applying a “Deny all” policy towards any possible malicious hardware injection. In order to secure the MCU from software attacks, the MCU resides inside an application firewall which filters incoming traffic.
Moreover, we apply a role based approach towards possible vehicle users, which are authenticated by appropriate credentials. Finally we categorize vehicle parts enabling the vehicle to be usable if certain secondary parts fail to function, something that is very usual in vehicles, due to severe use.
This talk was held at the DeepSec 2011 conference by Constantinos Patsakis and Kleanthis Dellios.
Loading more stuff…
Hmm…it looks like things are taking a while to load. Try again?