We use cookies to give you a better experience. Carry on browsing if you're happy with this, or read our cookies policy for more information.

Skip main navigation

Introduction to automotive cyber security

Introduction to automotive cyber security.
Today, vehicles are populated with interactive features to enhance the users comfort, entertainment and safety. A vehicle’s in built telematics unit can provide GPS navigation, route audio to allow you to play your favorite songs and make phone calls on the go, they offer lane assistance, power your windows and steering, and can even warm your seats. But behind each of these rich features are millions of lines of code that are running on embedded systems commanding each element to act correctly. Imagine that you were behind the wheel - travelling on a highway and your door windows roll down and indicators begin signaling without your input. Your car begins to speed up, without you pushing the accelerator and your brakes become unresponsive.
You are in clear danger and there is nothing that you can do to regain control. Unfortunately, this is a harsh reality caused by the lack of security measures in the automotive industry. The focus of vehicle manufacturers is on better driving experience, aesthetics and fuel efficiency, but security is not considered a prime requirement. There is no legal compulsion on the vehicle manufacturers to build vehicles that are safe from the cyber-attacks. Modern vehicles inevitably require roommates network connection to provide updates to systems like the ECU as it’s not viable to bring every vehicle to a garage for patching or software updates.
Controller area network or CAN is considered the backbone of in-vehicle communication the can network is an unencrypted series of communications that do not have an authentication method embedded within them. Most of the critical electrical units are connected through this network. Any electronic control unit or ECU for short could be connected to a CAN bus and would be able to listen to any communication. CAN loggers are readily available at low cost and these allow the user to record the communication. An attacker could either physically connect these loggers to the in-car OBD2 port which by law must be left open for Diagnostics purposes, or by wirelessly connecting for instance, through the telematics unit.
Once access has been gained then the control of any in-vehicle system is at stake
How is it possible for a vehicle to keep track of speed, manoeuvres performed and locations visited? How are you able to connect your phone to make calls and play music, use a switch to control your windows, and receive a warning when you’re starting to drift out of your lane?
Watch the above video which explains that this is all made possible due to the inclusion of electronic control units (ECUs) along with other advancements, such as in-vehicle networks and GPS technology. There are millions of lines of code embedded in these ECUs.
The famous Jeep Cherokee attack in 2015 is an example of automotive hacking and is described later this week.
This article is from the free online

Automotive Cyber Security: An Introduction

Created by
FutureLearn - Learning For Life

Our purpose is to transform access to education.

We offer a diverse selection of courses from leading universities and cultural institutions from around the world. These are delivered one step at a time, and are accessible on mobile, tablet and desktop, so you can fit learning around your life.

We believe learning should be an enjoyable, social experience, so our courses offer the opportunity to discuss what you’re learning with others as you go, helping you make fresh discoveries and form new ideas.
You can unlock new opportunities with unlimited access to hundreds of online short courses for a year by subscribing to our Unlimited package. Build your knowledge with top universities and organisations.

Learn more about how FutureLearn is transforming access to education