Hello,Welcome toChina Automotive Cyber Security Summit 2020!

Car network encounters hackers How to ensure car network security

Release Date:2019-09-26

What exactly is the Internet of Vehicles? In recent years, with the popularization of automobiles, cars have entered thousands of households, and more and more cars can be connected to the mobile Internet and become intelligent. With the arrival of 5G, the Internet of Vehicles will usher in a more vigorous development, become more intelligent, and even achieve L5-level unmanned automatic driving. For us in general, the car network seems to be a large screen on the car can listen to the song can be navigated, in the powerful point, you can use the mobile phone to remotely turn on the air conditioner to control the car to drive slowly.

However, with the popularity of the Internet of Vehicles, the security of the Internet of Vehicles has become more and more concerned. In 2011, the research report of computer experts from the University of California and the University of Washington pointed out for the first time that hackers can remotely control the engine of the car. Brakes and even other features of the car. In July 2015, white-hat hackers used Internet technology to invade a "Uconnect" system of a Cherokee jeep while driving, remotely controlling the car's acceleration and braking systems, radios and wipers.

To this end, the United States Fiat Chrysler Automobile Company announced the recall of about 1.4 million cars with software vulnerabilities. This is the first time that car manufacturers have recalled cars on a large scale due to cyber security issues, and the safety of the Internet has also entered the public's attention for the first time.

Usually hackers attack cars, through the following three ways.

The first is physical contact through the OBD (Auto Diagnostic Interface) port of the car. OBD is an on-board diagnostic system that monitors the engine's operating conditions and the operating status of the exhaust after-treatment system at any time. Once an abnormal condition is detected, it will Immediately issue a warning, and it will also record this abnormal record in the fault code memory. Usually the position of the car OBD will be below the trim panel at the lower left of the steering wheel. As the external interface of the car, it can access the CANBus, which is the internal bus of the car, to control the vehicle and even modify the configuration of some ECUs, so just put The control of the vehicle can be achieved by the special control device being connected to the OBD.

The second is the approach communication mode. Through the Bluetooth and WIFI network system of the car, the hacker connects to the execution control mechanism of the car terminal through the WIFI path, and then uses the computer to send the Trojan program to the mechanism, thereby realizing the throttle to the car. And control of the system such as brakes.

The last one is remote control of intrusion. At present, many vehicles have built-in SIM cards for connecting 4G networks to realize remote control of vehicles. By cracking the car network cloud service platform, the hacker can obtain the owner's name, license plate number, ID number, mobile phone number, etc., and do not cut the visual line to the remote control of the vehicle, such as turning on the air conditioner, unlocking, locking, or even launching. The car is driving remotely.

The above is the main way for hackers to invade our cars but to get control of the car, they can't get an important thing is the CANBus bus, what is the bus doing? The CANBus bus is called the controller LAN bus. The control system of Hyundai Motor is basically an electronic control system. The electric control system of the car is based on a large number of sensors on the car.

Then there will be a large amount of data exchanged between the sensor, the central processor and the actuator. Therefore, the role of the bus is to transfer the various sensor data on the car. CANBus has high speed and low speed. The high speed CAN bus is mainly connected to the engine control unit, ABS control unit, airbag control unit, combination meter and other systems directly related to vehicle driving.

So with the rapid development and popularization of the vehicle network, how can we guarantee that? At present, the security problem of the Internet of Vehicles is still a certain distance from our ordinary users. And the safety problem of the Internet of Vehicles is mainly the problem of automobile manufacturers. For the moment, China lacks the standards and laws related to the Internet of Vehicles, which leads to the weak safety awareness of automobile manufacturers. The standards of different families are also different. management. As more and more issues related to the safety of the Internet of Vehicles are exposed. The security problem of the Internet of Vehicles still relies mainly on the attention of the manufacturers. When the vehicle leaves the factory, the security chip is embedded to manage the key and encryption operation. On the server side, the security products and strategies provided by the cloud service provider are configured, and the independent research and development is loaded. The key application SDK is responsible for encrypting data with the vehicle and mobile terminals.


  • 电话咨询
  • 15021948198
  • +862122306692
None