Firewalls can't protect today's connected cars

Most of the auto industry's efforts to date have gone into building a more secure internal bus


The Chinese military strategist Sun Tzu once wrote, "What is of supreme importance in war is to attack the enemy's strategy."

The automobile industry needs to follow Sun Tzu's advice to secure increasingly connected vehicles from hackers, according to experts.

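Rather than building firewalls to keep cyberattacks out, which industry observers say is ultimately a futile effort, carmakers should build systems that recognize what a security breach looks like so it can be stopped before any real harm is done.

"If you hack into my car's head unit and change the radio station, I don't care. I can live with that," said Charlie Miller, one of the security experts who this week demonstrated they could hack -- and remotely control -- a Chrysler Jeep.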

"If you can hack into my head unit and make my brakes not work, then that's a different story. Let's stop the attack after they're already in," Miller said.

It's called operational security, and the auto industry -- even the banking industry -- has been slow to adopt it, according to Egil Juliussen, a senior analyst and research director for IHS Automotive. "They assume hackers can't get through their perimeter security, which is not true," Juliussen said. "That's a basic principle for security."

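The auto industry got a wake-up call this week when Miller and Chris Valasek demonstrated how they could breach perimeter security and get into the Uconnect head unit, also known as an infotainment system, of an earlier-model Chrysler Jeep. Previously, hackers had only been able to breach a vehicle's internal computer bus by physically connecting to the car's onboard diagnostics (OBD-II) port.

Miller and Valasek demonstrated that, by using the vehicle's cellular network connection, they could talk wirelessly to the Jeep's head unit and then gain access to the Jeep's controller area network (CAN).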

Figure: IHS auto-control diagram (credit: IHS Automotive)

This diagram shows more than a dozen wireless access points to a vehicle's head unit and controller area network (CAN).

All modern vehicles have a CAN, which acts as a computer superhighway to the vehicle's various electronically controlled components. Once on the CAN, Miller and Valasek discovered which electronic messages controlled various systems, and they were able to send messages to remotely control the brakes, transmission, acceleration and other vital components.

As cars become more connected to other vehicles, to surrounding infrastructure and to manufacturers and their parts suppliers, breaching a vehicle's security will only become easier.

With autonomy, connected cars are at greater risk

And as autonomous functionality -- even fully self-driving cars -- emerges, protecting computer systems from attack will become more crucial.

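Meanwhile, carmakers are already remotely collecting data from their vehicles, unbeknownst to most car owners, in order to alert drivers to needed repairs or maintenance and for future research and development.

According to Nate Cardozo, an attorney with the Electronic Frontier Foundation, "Consumers don't know that data is being shared. Take Ford Sync, for example. In its terms of service, it says it's collecting location data and call data if you use Sync to dictate email."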

Sync is Ford's current Microsoft Windows-based telematics or head unit system. The company is changing over to a QNX-software based system this year.

Miller and fellow hacker Chris Valasek shared their year-long efforts with Chrysler, which issued a software patch to fix the security hole in the head unit. Vehicle owners must download the patch onto a USB drive and then update the vehicle's software with that.

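But Miller warned that while Chrysler may have fixed this particular remote flaw, "there are others that other people may have."

"I don't think there is a way for computers to communicate," Miller said. Hacking a network firewall just takes time and persistence.

Miller said the CAN bus is very simple and the messages on it are very predictable. "When I start sending messages to cause attacks and physical problems, those messages stand out very clearly. It would be very easy for car companies to build a device, or build into existing software, something that can detect the messages we're sending, or take some kind of action."

Juliussen agreed.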

Once past a firewall, hackers can make computers imitate any other computer on a network, and that means they can control the systems through electronic messaging. That's basically what Miller and Valasek did: They had the head unit pretend to be the electronic control unit (ECU) for the brakes, the transmission and other systems.

Behind the security curve

Carmakers are far behind the security curve, not only because vehicles have an average six-year development cycle, but also because they haven't taken the potential security problem seriously.

"The auto industry has been slow to do anything. I did my first presentation [at an auto industry conference] five years ago and they said this is very interesting, but we don't need it yet," Juliussen said.

For example, in response to the hack on Chrysler's UConnect head unit, Ford issued a statement claiming its communications and entertainment systems feature a different architecture than what was hacked. "Our vehicles have a hardware based built-in firewall that separates the vehicle control network from the communications and entertainment network," Ford stated.

Ford declined further comment and didn't say whether its Sync head unit and coming QNX-based unit can detect errant messages that could indicate a cyber security breach has occurred -- and then shut it down.

Miller said he can imagine a more secure method, such as using cryptography or encrypted messaging within a vehicle's CAN, to make it more difficult to hack.

But, if an attacker has physical access to a car, they can get access to the firmware on various computer chips and figure out what the encryption keys are, Miller said. "Every car isn't going to have a different key," he said, referring to the fact that once one car is hacked, all the models are vulnerable.

A detection system versus a better firewall

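Instead, Miller and Juliussen said, car companies could "easily" build a separate computer to detect errant messages. The computer would watch the messages flowing between vehicle computers, or electronic control units (ECUs), and use a database to determine which messages are genuine.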
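A sketch of the detection idea in the paragraph above, added here as an example; it is not code from Miller, Juliussen or any vendor. It learns a "database" of genuine traffic (which CAN IDs exist and how often each is sent) from a clean capture, then flags frames with unknown IDs or frames that arrive far sooner than the learned period. All CAN IDs, periods and frames are constructed.

```python
from statistics import median

def learn_baseline(clean_frames):
    """Build the database of genuine traffic: CAN ID -> median gap in ms."""
    times = {}
    for ts_ms, can_id, _data in clean_frames:
        times.setdefault(can_id, []).append(ts_ms)
    return {cid: median(b - a for a, b in zip(t, t[1:]))
            for cid, t in times.items() if len(t) > 1}

def detect(frames, baseline, min_ratio=0.5):
    """Return (ts_ms, can_id, reason) for frames that do not fit the baseline."""
    last_seen, alerts = {}, []
    for ts_ms, can_id, _data in frames:
        if can_id not in baseline:
            # An ID never seen in clean traffic is not a genuine message.
            alerts.append((ts_ms, can_id, "unknown-id"))
            continue
        prev = last_seen.get(can_id)
        last_seen[can_id] = ts_ms
        # Injected frames interleave with the real ECU's periodic frames,
        # so the gap between frames of that ID collapses.
        if prev is not None and ts_ms - prev < baseline[can_id] * min_ratio:
            alerts.append((ts_ms, can_id, "too-frequent"))
    return alerts

def periodic(can_id, period_ms, end_ms, data=b"\x00" * 8):
    """Constructed helper: one ECU sending the same ID at a fixed period."""
    return [(t, can_id, data) for t in range(0, end_ms, period_ms)]

# Constructed clean capture: two ECUs, 10 ms and 20 ms periods, 200 ms long.
CLEAN = sorted(periodic(0x0C4, 10, 200) + periodic(0x1A0, 20, 200))
# Constructed injection: two spoofed 0x1A0 frames plus one unknown ID.
INJECTED = [(103, 0x1A0, b"\xff" * 8), (107, 0x1A0, b"\xff" * 8),
            (111, 0x555, b"\x01\x02\x03")]
LIVE = sorted(CLEAN + INJECTED)

if __name__ == "__main__":
    baseline = learn_baseline(CLEAN)
    for ts_ms, can_id, reason in detect(LIVE, baseline):
        print(f"{ts_ms:4d} ms  id=0x{can_id:03X}  {reason}")
```

Timing alone does not cover event-driven messages or a spoofed frame that replaces a genuine one at the expected interval; a fuller monitor would also check payload ranges per ID.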

For example, Israel-based Argus Cyber Security Ltd. is a start-up that sells detection software for the connected car industry. Argus's Deep Packet Inspection algorithm scans all traffic in a vehicle's network, identifies abnormal transmissions and enables real-time response to threats.

Miller and Juliussen believe in a layered approach to security. Hardware-based encryption with cyber attack detection is the most promising for securing the future of the connected automobile, they say.

However, much of the auto industry's effort already under way is going into building a bus that is more secure than today's CAN specification.

Ethernet is joined by about a half-dozen other in-vehicle communication protocols, such as LIN (Local Interconnect Network), MOST (Media Oriented Systems Transport) and FlexRay -- aimed at increasing bandwidth to and from the car as vehicle monitoring systems become more sophisticated.

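Analysts predict that vehicle-to-infrastructure (V2I) and vehicle-to-retail (V2R) will be the two most dominant areas of the automotive market to come. According to ABI Research, by 2030 more than 459 million vehicles will support V2I and 406 million will support V2R.

Others advocate different approaches to security. Ken Schneider, vice president of technology strategy at software security company Symantec, believes digital certificates -- a digital handshake between computer systems -- will be key to providing privacy while also allowing the collection of critical driving data. That data will help local governments and carmakers improve overall traffic conditions; the individual driving experience can draw on data from a vehicle's internal computers.

Modern vehicles, Schneider said, can have as many as 200 ECUs and multiple communication networks between internal computer systems. While most systems are isolated within the car, others are used to transmit data back to manufacturers, dealers and even governments.

"On the plus side, this data can make the user experience richer and more personalized, because from one vehicle to the next it will know all your settings and [be] able to integrate your car into your digital day," Schneider said. "The flip side is it creates risk."

This story, "Firewalls can't protect today's connected cars" was originally published by Computerworld.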
