Linux and automotive computing security
Posted Oct 11, 2012 15:01 UTC (Thu) by rgmoore
(✭ supporter ✭
In reply to: Linux and automotive computing security
Parent article: Linux and automotive computing security
You can't design a safety-critical system without knowing what the safety requirements are, and they're often harder to identify than you imagine.
Yes, and in this case, it turns out that one of the things the designers failed to identify is that they couldn't necessarily trust all of the other systems on the CAN. It's easy to understand why somebody might make that mistake, but the major thrust of the security researchers' article is that it is a mistake. Now they need to go back to the drawing board and design a better set of specifications for their networking component so it won't let the system be subverted by malicious messages.
to post comments)