The common conception of security problems in cars is theft---someone breaks into your car electronically and drives away with it. The security challenges created by the computers that control your car go far beyond that scenario. Modern cars are cyber-physical systems with dozens of computers that control safety-critical functions. All sorts of security problems can cause cars to fail catastrophically---that is, crash.
One important category of vulnerabilities in cars is timing. If someone messes up the timing of the firing of the spark plugs and fuel injectors in your engine, the engine stops working. Timing problems in the braking system can cause you to lose control of steering.
How do timing problems occur? Some of the scenarios are localized. The engine control unit (ECU) is in charge of sending out all the signals to control the engine. Problems in the ECU software can cause it to improperly time some of the signals to the engine. The effects can range from running rough to total engine failure.
But the computers in your car are connected together on a network. Just as the Internet created new types of security problems for home and business computers, car networks create new vulnerabilities for cars. Units in the car communicate with each other over the network in real time to coordinate their activities. Interfere with their ability to communicate and the car itself stops working properly.
The CAN bus has been used in cars for years. Unfortunately, it is vulnerable to all sorts of timing problems. For example, one component on the CAN bus can jam the network by sending out too many messages. The simplicity of the CAN bus means that there is no global control that can monitor and react to these sorts of problems.
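The paragraph above notes that plain CAN has no global control watching for a node that sends too many messages. As an added example (not from the original post), this sketch shows how a passive listener could flag that condition from a candump log-format capture; the 500 kbit/s bit rate, 100 ms window, 70% threshold and the sample frames are all assumptions constructed for illustration.

```python
import re
from collections import Counter, defaultdict

BITRATE = 500_000     # assumed bus speed, bit/s
WINDOW_US = 100_000   # assumed measurement window, microseconds
LOAD_LIMIT = 0.70     # assumed alert threshold (fraction of bus capacity)

# candump log-format line with an 11-bit ID: "(1.000300) can0 1A0#0011223344556677"
LINE = re.compile(r"\((\d+)\.(\d{6})\)\s+\S+\s+([0-9A-Fa-f]{3})#((?:[0-9A-Fa-f]{2}){0,8})$")

def frame_bits(dlc):
    # 44 fixed bits in a standard data frame + 3 interframe bits + payload;
    # stuff bits are ignored, so this slightly underestimates real load.
    return 47 + 8 * dlc

def find_overloads(lines):
    """Return (window_start_us, load, top_id, top_id_share) for overloaded windows."""
    windows = defaultdict(Counter)
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue  # skip extended-ID, error, or malformed lines
        us = int(m.group(1)) * 1_000_000 + int(m.group(2))
        windows[us // WINDOW_US][m.group(3).upper()] += frame_bits(len(m.group(4)) // 2)
    capacity = BITRATE * WINDOW_US / 1_000_000  # bits the bus can carry per window
    alerts = []
    for w in sorted(windows):
        total = sum(windows[w].values())
        if total / capacity > LOAD_LIMIT:
            top_id, top_bits = windows[w].most_common(1)[0]
            alerts.append((w * WINDOW_US, round(total / capacity, 2),
                           top_id, round(top_bits / total, 2)))
    return alerts

def sample_log():
    """Constructed capture: two periodic IDs, plus ID 005 babbling in the second window."""
    frames = []
    for t in range(0, 200_000, 10_000):
        frames.append((t, "0C4", "0011223344556677"))
        frames.append((t + 300, "1A0", "0011223344556677"))
    frames += [(100_600 + i * 240, "005", "FF" * 8) for i in range(400)]
    return [f"({us // 1_000_000}.{us % 1_000_000:06d}) can0 {cid}#{data}"
            for us, cid, data in sorted(frames)]

if __name__ == "__main__":
    for start_us, load, top_id, share in find_overloads(sample_log()):
        print(f"t={start_us / 1e6:.1f}s load={load:.0%} dominant ID {top_id} ({share:.0%} of bits)")
```

CAN frames carry no sender address, so the dominant ID identifies the traffic that is crowding the bus, not necessarily the node that produced it.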
The FlexRay bus has been designed to avoid many of these problems. It's starting to appear in cars. FlexRay has some very sophisticated mechanisms. Time will tell how well they solve old problems and if they create new challenges.