SECURITY

Computer Controls May Drive New Auto Security Risks

Kate Phillips | Date: 06-01-11 | Comments

Cars today rely on microprocessors to control dozens of functions, including braking, steering, engine performance, navigation and entertainment systems. It's no wonder they are now getting the attention of hackers.

As technology kicks into uber-drive for the automotive industry, on the road to transforming the car into "a mini mobile data center," as Scientific American calls it, the connectivity of new vehicles intersects with the potential for security risks.

Before delving into the growing connectivity, however, it should be noted that the technological advances of the modern automobile also pose an opportunity for greater innovation and strategic alliances.

When it comes to connectivity, a recent collaboration gives clues to what�s possible now and what�s in store in the next few years. Salesforce.com and Toyota have recently partnered to produce a private social network christened Toyota Friend. The network links Toyota customers with their cars, their dealership, and with Toyota through smartphones, tablet PCs and other mobile devices. Design components include low-battery "tweet-like" alerts for electric vehicle and plug-in hybrid vehicle drivers.

Steering into the auto industry as Salesforce.com has may prove fruitful as the car continues to progress: Long gone are the days of a vehicle being the convenient transport object that gets you from point A to point B, converting from, as eWEEK dubs it, "an internal combustion engine" to, down the road, "a glorified 2-ton laptop," complete with GPS chipsets, WiFi hotspot capabilities, software and other modules. Most recent developments include the Ford SYNC with MyFord Touch providing WiFi connectivity, which will roll out on the new Focus next year in the U.K.

But as technology-wielding innovation matures, the aforementioned challenge shifts into high gear: vehicle vulnerability. Engineers are transforming "automobiles from a collection of mechanical devices crowded around a combustion engine to a sophisticated network of as many as 70 computers" (or electronic control units) that share the same network, which means consumers not only need to express concerns of the digital dangers on their PCs, smart phones and other networked devices, but they may also need to be wary about their cars being the target of malicious attacks as well, reports Scientific American.

Researchers assert they can wirelessly hack automobile networks and take command of braking, steering, locking and other safety-device systems�as well as starting engines�through cell phone or Bluetooth connections. Investigations were presented earlier this year at the National Academies Committee on Electronic Vehicle Controls and Unintended Acceleration.

Many automobile brands, including Ford, insist their cars are safe via preventative measures like wireless security protocols and built-in firewalls that shield against network attacks and act as a divider between vehicle-control networks and infotainment networks, Scientific American reports. GM�s OnStar MyLink mobile application protects against potential cyber-security risks from downloads by not having the application communicate directly to the car but rather to OnStar�s network.

Further yet on the security front, a consortium of auto and technological firms like BMW Group, Bosch and Fujitsu are the driving force behind Europe�s EVITA (E-Safety Vehicle Intrusion Protected Applications) initiative to "design, verify and prototype an architecture for automotive on-board networks" with tamper-proof security modules and sensitive data. A follow-up to EVITA, PRESERVE (Preparing Secure Vehicle-to-X Communication Systems), will carry on these initiatives when developing cost-effective standardized security hardware.