Wireless updates like those promised by Tesla and Ford could pose a major threat to car security, security experts have warned.
Allowing drivers to download apps and customise their cars gives hackers a gateway to manipulate internal car systems through malware or 'man-in-the-middle' attacks.
The warning comes as Tesla’s founder Elon Musk yesterday promised an auto-steering update that will be sent over-the-air in just three months time, enabling cars to drive unassisted “from parking lot to parking lot,” Musk said. The new features come as part of Tesla's 6.2 version OS.
In addition, Ford announced this week that it will be making wireless updates available through its connected car platform MyFord, supported by Microsoft Azure’s cloud.
But these in-car upgrades, similar to smartphone updates, could be a "major new threat".
Wireless updates rely on security credentials to establish a ‘trusted’ relationship between the car and the manufacturer communicating with it to send the update over. If that trust can be manipulated, through a ‘man-in-the-middle attack’ a hacker can mimic the carmaker’s network and physically and remotely access the car, Tony Dyhouse, director of government backed Trustworthy Software Initiative, explained.
A widespread European issue
Tesla has a large, in-house IT team dedicated to fine-tuning the Tesla car similarly to an operating system.
"We designed the Model S to be a sophisticated computer on wheels. Tesla is a software company as much as it is a hardware company. That's a huge part of what Tesla is. It's the same way you're updating your phone or laptop: People have come to take it to be normal that your phone and laptop will keep improving. That's the approach we've taken with the Model S," the firm said in a statement.
However, Dyhouse said that traditional European carmakers continue to prioritise vehicle safety over software security at the design stage, and have a tendency to “draw a false distinction between safety-critical automotive software and the software that runs the in-car entertainment,” Dyhouse added.
But all systems are connected, so a flaw in one part of the car could have a ripple effect. For example, drivers could download a malicious update that gives thieves access to their car or control of their braking system.
“Because all European in-car systems use the CAN Bus system (Controller Area Network) which enables all in-vehicle systems to talk to each other, a dodgy software download for one part of the car could have a knock-on effect on all the other in-vehicle software systems that communicate with it,” Dyhouse said.
Ford said it is "absolutely committed to protecting our customers’ privacy and data security. We request customer consent before providing connected services, and no data is wirelessly transmitted from the vehicle without the customer’s express consent. Ford also invests in security solutions for vehicle systems including connected services, and we are not aware of any instance in which a Ford vehicle was infiltrated or compromised in the field through a remote hack.”
The legal implications
Three Ford, Toyota and General Motor customers are taking the automotives to court over security vulnerabilities that the firms were aware of, but did not patch immediately.
European carmakers and software companies that supply third-party apps, for infotainment purposes for example, could be open to lawsuits if they leave drivers or cars vulnerable.
Dyhouse said: “We have seen Toyota recall vehicles that had a software flaw in the propulsion system and another car manufacturer is working on software malfunctions that affected the gears, causing a sudden stop while driving. It is easy to see how this could leave automotive manufacturers.”
Rivalries between companies could result in a ‘name and shame’ culture, similar to when Google revealed a Microsoft vulnerability before it had time to issue a patch.
“Consumer demand for in-car entertainment systems are behind much of the push for new connected car functionality, but with an estimated three bugs in every 1,000 lines of code, this rush is multiplying risks to the vehicle.”
The Trustworthy Software Initiative has its own framework as a standard for ultra secure, trustworthy code.