Hackable Cars, for Enthusiasts… and Others

Using an Arduino to read CAN data.

The boundaries between our digital world and physical world blur a little more every day. Our houses and cars are becoming increasingly controlled by computers and connected to the internet at large.

As a software developer and driving enthusiast, I’m particularly interested in the intersection of cars and software. I’m excited by a large number of the improvements in vehicle control and utility these changes have enabled. The stability control system in the Nissan GT-R, for example, is astoundingly robust. Naturally, then, I’m curious about what modern control systems and vehicle communication channels might enable enterprising enthusiasts and makers to accomplish.

But there is a darker side to the connected world as well: people with malicious intent are increasingly able to take advantage of the same systems. Our cars are hackable. The potential impact depends on the vehicle and whether the hacker has physical access to it, but the possibilities range from merely inconvenient to downright dangerous.

Dangerous Hacks

One recent story on the inconvenient and creepy end of the spectrum comes from Tesla. They provide a mobile application that allows owners to track their charging status, open the sunroof, adjust the climate control, and do other similar things. The API has come under fire recently for using an authentication token with an excessive lifetime (3 months) and no means for a user to revoke a token’s access. Using the API, a malicious user could track the location of the vehicle or operate many of the systems mentioned above.

While the API’s relationship to an automobile is novel, APIs of all sorts are prone to similar security flaws. What makes the car + API combination worth paying attention to is that very few APIs can have such a dramatic, direct effect in the physical world.

Another good, non-automotive example of an API crossing the software/physical boundary is the Nest thermostat. If they could gain access to your online Nest account, a malicious hacker could change the temperature of your home or learn when you’re likely to be at home or away. The worst case is probably turning off the heat in the winter long enough to freeze pipes, or confirming you’re on vacation prior to breaking in.

On the more dangerous end of the spectrum, Charlie Miller and Chris Valasek were able to hack a Prius to amazing effect. They effectively disabled the brakes and caused the steering to jerk around, among other feats.

Hacking My Car

What struck me most about the story, though, was how it compared to my own experiences reading data off my Mazda’s CAN bus. My intent was less malicious — to read sensor data off the bus and display it in real time for my own enjoyment — but I had one brush with the possibilities of pushing misinformation onto the bus that revealed just how simple it can be.

To test the code I put on my device, I placed the CAN transceiver in loopback mode and sent messages on the loopback bus. The messages I was sending contained information about the engine RPM, and when I hooked the device back up to my car after turning off loopback mode (but forgetting to turn off the messages I was sending) my tachometer went nuts. It jumped around between 1000 RPM, where the engine was actually idling, and 5000 RPM, which the message I was sending on the bus indicated.

The result startled me but didn’t cause any problems. It also didn’t take much equipment or time. Where the group with the Prius had the dashboard ripped apart, mine remained blissfully intact. They had government funding to pursue the research, where I had $50 of off-the-shelf hardware and a few evenings and weekends.
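The tachometer symptom described above, two senders publishing the same signal on one bus, is something a passive bus monitor can flag. The following is an added example, not code from the original post: it checks a capture for frames that arrive faster than the signal's expected period and for implausible jumps in value. The arbitration ID 0x201, the 100 ms period, the thresholds and the sample frames are all constructed assumptions.

```python
# Added example: flag a second sender on a periodic CAN signal.
# RPM_ID, the 100 ms period and all frames below are constructed assumptions.
RPM_ID = 0x201


def build_capture():
    """Constructed capture of (timestamp_s, arbitration_id, rpm) tuples."""
    frames = []
    for i in range(20):
        t = round(i * 0.1, 3)
        frames.append((t, RPM_ID, 1000 + (i % 3) * 10))  # genuine idle reading
        if i >= 10:  # from t=1.0 s a second node also sends 5000 RPM
            frames.append((round(t + 0.05, 3), RPM_ID, 5000))
    return sorted(frames)


def detect_conflicts(frames, period_s=0.1, min_gap_ratio=0.75, max_step=1500):
    """Return (timestamp, id, reasons) for frames that look like a second sender.

    "rate": frame arrived sooner than min_gap_ratio * period_s after the last one.
    "jump": value changed by more than max_step since the last frame.
    """
    last = {}  # arbitration id -> (timestamp, value) of the previous frame
    alerts = []
    for ts, can_id, value in frames:
        if can_id in last:
            prev_ts, prev_value = last[can_id]
            reasons = []
            if ts - prev_ts < period_s * min_gap_ratio:
                reasons.append("rate")
            if abs(value - prev_value) > max_step:
                reasons.append("jump")
            if reasons:
                alerts.append((ts, can_id, reasons))
        last[can_id] = (ts, value)
    return alerts


if __name__ == "__main__":
    for ts, can_id, reasons in detect_conflicts(build_capture()):
        print(f"{ts:6.2f}s id=0x{can_id:03X} {'+'.join(reasons)}")
```

The rate check depends on the signal being sent at a fixed period; the jump check alone would also fire on a genuine but abrupt change, so the two are reported together.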

I’m very excited about the possibility for good with increasingly connected vehicles (and other devices that bridge the software and physical worlds). We should remain aware of the potential risks, but also keep in mind that large-scale remote vehicle mayhem is not a problem yet. Most dangerous hacks demonstrated thus far require physical access to the vehicle. There are other, simpler ways for those with malicious intent to inflict harm on us and our automobiles that we rarely consider (e.g., cutting a brake line) and, at least for most of us today, hacking cars falls into that same category.