
Linux and automotive computing security

Posted Oct 11, 2012 15:56 UTC (Thu) by iabervon (subscriber, #722)
Parent article: Linux and automotive computing security

I think a substantial portion of the actual problem is using the CAN bus for things other than status data. A lot of things become much easier to secure if you only have an ECU with clearly-specified functionality bridging the safety-critical and non-safety-critical busses, and that ECU can't be reprogrammed arbitrarily over either bus. It is relatively straightforward to reduce your attack surface by never bridging packets from one network to the other; the bridge device would sit on both networks and report conditions which it determines from the sensors. So it would look at wheel sensors and report "the car is in motion", and look at the wireless key receiver and report "disable the ignition". The compromised CD player wouldn't be able to DoS or spoof the brake pedal without compromising the bridge ECU, and it should be possible to have the bridge use CAN hardware that can't use high-priority IDs on the safety-critical bus.
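
The bridge design described in the comment above, sketched in C as an added example that is not part of the original post or of any real ECU firmware. The CAN IDs, payload layouts and the 0x600 priority floor are assumptions made up for illustration.

```c
#include <stdbool.h>
#include <stdint.h>

/* Every ID and payload layout here is constructed for illustration. */
enum {
    ID_WHEEL_SPEED   = 0x120, /* safety bus: wheel sensor, 16-bit speed */
    ID_KEY_RECEIVER  = 0x3A0, /* comfort bus: key receiver, byte 0 == 1 means key valid */
    ID_STATUS_MOTION = 0x500, /* gateway's own frame on the comfort bus */
    ID_STATUS_IGN    = 0x700, /* gateway's own frame on the safety bus */
    SAFETY_TX_MIN_ID = 0x600  /* lower ID wins CAN arbitration; gateway stays at or above this */
};

struct frame   { uint32_t id; uint8_t len; uint8_t data[8]; };
struct gateway { bool in_motion; bool key_valid; };

/* RX handlers only update state; unknown or malformed frames are dropped. */
void gw_rx_safety(struct gateway *gw, const struct frame *f)
{
    if (f->id == ID_WHEEL_SPEED && f->len == 2)
        gw->in_motion = (f->data[0] | f->data[1]) != 0;
}

void gw_rx_comfort(struct gateway *gw, const struct frame *f)
{
    if (f->id == ID_KEY_RECEIVER && f->len == 1)
        gw->key_valid = (f->data[0] == 1);
}

/* Software model of the TX restriction the comment wants in the CAN hardware. */
bool safety_tx_allowed(uint32_t id)
{
    return id >= SAFETY_TX_MIN_ID && id <= 0x7FF;
}

/* TX builders construct fresh frames from state; no received byte is copied. */
struct frame gw_tx_comfort(const struct gateway *gw)
{
    struct frame f = { ID_STATUS_MOTION, 1, { gw->in_motion } };
    return f;
}

bool gw_tx_safety(const struct gateway *gw, struct frame *out)
{
    struct frame f = { ID_STATUS_IGN, 1, { !gw->key_valid } }; /* 1 = disable ignition */
    if (!safety_tx_allowed(f.id))
        return false;
    *out = f;
    return true;
}
```

Because no code path copies a received frame to the other bus, the comfort side can influence exactly one bit on the safety bus (key valid or not), and that bit is sent with an ID that loses arbitration to every frame below the floor.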

