This time Tesla's automatic driving accident caused the driver to die. The incident has passed nearly two months, but the large-scale release in the media is a matter of these days. According to official analysis, the reason for the incident was that the autopilot sensor misjudged the large truck with a high chassis as a bridge and other buildings. We can see that computer errors are no longer confined to the virtual world, but can lead to the loss of human life. As a computer security researcher, we must not only ask, what conditions may be attacked by the on-board computer, leading to serious accidents?
Let's start with the OBD II, an on-board diagnostic system in the United States. OBD II is the meaning of On-Board DiagnosiTIcs Version II, which coincides with the 20th anniversary of OBD II implementation in the United States. According to the United States, starting from the 1996 model, cars sold in the United States must have an OBD II system. The OBD II is the interface to the car controller network, usually in front of the driver's left knee.
For example, the OBD II interface of Tesla Model S is like this:
Most American-run cars, whether made in the United States, made in Japan, or made in Europe, use such interfaces.
Connected to this interface, you can connect to the car's control bus network bus CAN Bus, and then chat with various computers inside the car, such as let the engine controller tell you to drink a few pots today, ask if the oil is too hot Tell the brake ABS controller that it should let go.
The problem is coming. When the OBD II standard was established, there was no wireless interface on the car. It should be pointed out that wired networks and wireless networks are completely different security games. Because of the signal connection of the wired network, an implicit trust architecture is built through the cable. Only trusted computers can connect to the network. It's like a group of children who grew up in key schools. Everyone is well-behaved and polite, and they don't know the sinister world outside.
The wireless network is a jungle, anyone can eavesdrop, anyone can talk, anyone can imitate others. Connecting devices in a wired network to a wireless network is equivalent to throwing a group of deaf children directly into the vegetable market. It is certain that they are cheated. Do not believe? You may wish to listen to the 2.4G Hz band, where there are Bluetooth, BLE and Zigbee's shallow sings, WiFi sings, wireless mouse smashing, remote control toys, and the lack of a cordless phone. Suddenly everyone They are all quiet, and there is only a roar of microwave ovens in their ears.
And those computers in the car, after 20 years, found that all kinds of devices around them can be connected to the CAN bus through the wireless interface, whether it is a car phone or a car WiFi or Bluetooth, telling the engine controller to rest, or The ABS controller should let go. And hackers can also chat with these controllers on a wireless car interface, thinking about it.
We still have a sense of this kind of attack that may have serious consequences. Here is a less serious example.
In the previous section of the domestic innovation boom, many people engaged in car networking. The so-called car networking, many programs are actually to buy a small box inserted into the OBD II interface of the car, and then use the mobile phone and Bluetooth in the small box to pair, the APP on the phone can read the CAN bus through the interface of OBD II Various information, including oxygen consumption, engine speed and so on.
The problem is that neither this small box nor the CAN bus has enough precautions to stop hackers. The first attack we made was to drive on the road and use a mobile phone to scan the wireless signal of this small box. Once found, it will be cracked to match (the suspect is tracked in the upper body of the house, forced to match the sense of sight). Then you can read some of the car's sensitive information. We don't actually take any other sensitive information. We are looking for the ECU to ask for the VIN number of the car (equivalent to the car's ID card). Ask the car if it is hot or not. These can be asked in the car next to the red light for half a minute. Another time is to let the next car tell us what its speed is during the driving process.
Tesla is actually doing a good job of isolating the OBD II from the onboard controller. Tesla's OBD II interface provides voltage and grounding only as required by law, but does not have a data connection to the onboard controller. In contrast, Tesla's control computer has wifi and Ethernet interfaces. These interfaces can also be the interface for hackers.
I talked about the traditional way that a vehicle controller can be hacked. In terms of autonomous driving, the car has added new sensors and computers that are not available in traditional cars. For example, a computer vision camera is used to detect whether objects are inside and around the lane; for example, GPS that was not connected to the driving controller is now connected to the driving control network as a data input; and laser radar. All of these new sensors will continuously source data into the control computer. When the input data is disturbed, it is possible to disturb the normal operation of the computer in the driving control network and cause an accident.
The third type of third-party program that causes the in-vehicle system to malfunction.
As you may recall, Jobs still doesn't want to have an App Store when the iPhone is released. The reason is actually very simple. In an open computer system, about three-quarters of the system crashes come from third-party programs. When I was a student, I once showed us a paper. Statistics show that in Microsoft's Windows system, third-party drivers caused about 80% of system crashes. Jobs’s threat to third-party programs is also very clear. Nowadays, many in-vehicle systems require third-party programs for entertainment operations, such as playing online music, displaying destination weather, etc. These third-party programs are often not as secure as other parts of the system.
As a special security expert of the W3C car networking working group of the International Web Standardization Organization, I also put forward some suggestions on the security of third-party programs in the meeting of the Internetworking Working Group and received attention. The industry participants who participated in the establishment of standards still attach great importance to the safety of in-vehicle systems. We will have a special safety meeting to discuss the safety of in-vehicle systems.
Author song, co-founder and CTO of Seattle Newsky Security, a well-known anti-virus expert in the industry, hacker, special author of Lei Feng.
Fume series
Hongkong Onice Limited , https://www.ousibangvape.com