Hacked communication channel between car and tires

    Researchers from the University of Rutgers and the University of Southern California conducted a successful experiment in intercepting information from RFID tire pressure sensors to a central vehicle control system. Moreover, they were convinced that the information can be replaced and fed into the central computer information about the flat wheels (then the red lights on the dashboard begin to blink, confusing the driver).

    The method works in two stages. First, the receiver reads unique 32-bit identifiers from each RFID sensor on the bus. Then it becomes possible to replace the signal that goes from these sensors to the central computer. Substitution is possible at a distance of up to 40 meters from the car.

    To the surprise of the researchers, they found outthat the tire pressure controller in some cars can be disabled if you submit to it specially selected "impossible data" about the pressure, and the performance will not be restored even after the computer is restarted.

    The problem is that such a wireless tire pressure reporting system is legally required to be installed on all new cars in the USA since 2008 (in Europe, a similar law will be in force from 2012). So potentially every new machine is vulnerable.

    The good side is that each tire manufacturer supplies its own production of receivers (they cost about $ 1,500 each), so in one way you cannot scan all the cars on the road.

    In addition, researchers are sympathetic to the lack of authentication and all kinds of protection in such systems. They say that this is the first implementation of the technology, where the developers tried to at least make a working system, and only then thought about security.

    Researchers also note that in its current form, wireless tire identification technology is ideal for creating a database of cars with the organization of a universal tracking system on a national scale. Perhaps it was for this purpose that laws were passed on the mandatory installation of such RFIDs on all new cars.

    Researchers will present the results of their work on August 12, 2010 at the USENIX Security '10 conference.

    Also popular now: