Hacking the CAN-Interior Bus
#31
JK Newbie
Thread Starter
Join Date: Dec 2013
Location: Tabernash, CO
Posts: 24
Likes: 0
Received 0 Likes
on
0 Posts
proof of concept #1
I finished the 1st proof-of-concept for using the CAN-Bus data to control auxiliary relays. It worked great. Attached is a block diagram of what I used, and a longish video of how the testing went.
If you want to skip all the bench testing, the actual in-car testing happens at the 11:15 mark of the video.
http://www.youtube.com/embed/v64EYqzys0Q Code for the demo can be found at https://github.com/dcgibbons/jeepbot/tree/poc1
A few hours after I finished, a bluetooth-low-energy board I ordered showed up. The next step will be to throw that on there so that I can use a smartphone to configure each switch and optionally control them by hand.
Each switch will have the following different possible control states:
Right after that, I'll start working on a prototype PCB and housing so I can start testing real versions of this system.
I'll post the design, schematics and code in progress on my blog so anyone can offer feedback as it gets built.
If you want to skip all the bench testing, the actual in-car testing happens at the 11:15 mark of the video.
http://www.youtube.com/embed/v64EYqzys0Q Code for the demo can be found at https://github.com/dcgibbons/jeepbot/tree/poc1
A few hours after I finished, a bluetooth-low-energy board I ordered showed up. The next step will be to throw that on there so that I can use a smartphone to configure each switch and optionally control them by hand.
Each switch will have the following different possible control states:
- always on
- manual only
- on when interior lights are on
- on when high-beams are on
Right after that, I'll start working on a prototype PCB and housing so I can start testing real versions of this system.
I'll post the design, schematics and code in progress on my blog so anyone can offer feedback as it gets built.
#34
JK Enthusiast
Join Date: Apr 2009
Location: Milwaukee,WI
Posts: 217
Likes: 0
Received 0 Likes
on
0 Posts
http://www.bosch-semiconductors.de/e...at_is_can.html
Dont Know if this will help or you have seen it
Dont Know if this will help or you have seen it
#35
JK Freak
Join Date: Apr 2011
Location: Lakeland, Florida
Posts: 719
Likes: 0
Received 0 Likes
on
0 Posts
Another source from my friends who break things:
canbushack: Hack Your Car
This one is really scary. It talks about doing things like causing the steering wheel to jerk or causing or PREVENTING brakes from being applied.
Defcon presenters preview hack that takes Prius out of driver’s control
canbushack: Hack Your Car
This one is really scary. It talks about doing things like causing the steering wheel to jerk or causing or PREVENTING brakes from being applied.
Defcon presenters preview hack that takes Prius out of driver’s control
#36
JK Newbie
Thread Starter
Join Date: Dec 2013
Location: Tabernash, CO
Posts: 24
Likes: 0
Received 0 Likes
on
0 Posts
Another source from my friends who break things:
canbushack: Hack Your Car
This one is really scary. It talks about doing things like causing the steering wheel to jerk or causing or PREVENTING brakes from being applied.
Defcon presenters preview hack that takes Prius out of driver’s control
canbushack: Hack Your Car
This one is really scary. It talks about doing things like causing the steering wheel to jerk or causing or PREVENTING brakes from being applied.
Defcon presenters preview hack that takes Prius out of driver’s control
It's like saying you need to tighten up security on your toilet because someone you invited into your home might drop a mentos inside of it.
(side-note: I work in the security industry).
#37
JK Freak
Join Date: Apr 2011
Location: Lakeland, Florida
Posts: 719
Likes: 0
Received 0 Likes
on
0 Posts
That DEFCON hack article is such FUD. Yes you can do all of those things (on cars that have full drive-by-wire) if you have physical access to the buses of the car.
It's like saying you need to tighten up security on your toilet because someone you invited into your home might drop a mentos inside of it.
(side-note: I work in the security industry).
It's like saying you need to tighten up security on your toilet because someone you invited into your home might drop a mentos inside of it.
(side-note: I work in the security industry).
(side-note: I work in the industrial automation industry)
#38
JK Newbie
Thread Starter
Join Date: Dec 2013
Location: Tabernash, CO
Posts: 24
Likes: 0
Received 0 Likes
on
0 Posts
Sure you can't access a CAN bus wirelessly at this time. But, how hard would it be to attach a wireless interface to the CAN bus under the hood? "Physical access" doesn't mean you have to be physically in (or near) the car as long as your wireless interface is.
(side-note: I work in the industrial automation industry)
(side-note: I work in the industrial automation industry)
Or even if your system is encrypted, I could rip our your PCM and replace it one that did what I wanted and still worked with your vehicle - physical access can't keep any security system at bay for long.
Now if they get to the point where the Bluetooth/WiFi modules in vehicles can be hacked, and you get access to the CAN buses that way, that would be a whole lot more interesting/scary.
A lot of security threats are hyped up and aren't really issues, but it gets the researchers press. We waste so much time chasing our tails with this sort of thing.
Aren't some OEM's already starting to encrypt the network layers on top of the CAN buses? I've been told the C7 Corvette has that at the GMLAN layer and I would love to see if that's the case. I know my old C6 was pretty underwhelming from a network/ECU perspective.
#39
JK Enthusiast
That DEFCON hack article is such FUD. Yes you can do all of those things (on cars that have full drive-by-wire) if you have physical access to the buses of the car.
It's like saying you need to tighten up security on your toilet because someone you invited into your home might drop a mentos inside of it.
(side-note: I work in the security industry).
It's like saying you need to tighten up security on your toilet because someone you invited into your home might drop a mentos inside of it.
(side-note: I work in the security industry).
Your funny and being in the security industry you know that there is no such thing as 100% security. You can break into fort knox with enough effort. It is all about mitigating the risk to an acceptable level. Take a look at open network jacks at a major organization. You will see port security turned on for these network jacks even though the front door is locked. So even though you have physical access to a network jack does not mean you can compromise the internal network or any component of it. I certainly see this being an issue regardless of the attack vector. This access appears to be sensitive and should require some sort of security regardless if it is a physical connecter, wifi or bluetooth. Maybe I will see you at the next con!
#40
JK Freak
Join Date: Apr 2011
Location: Lakeland, Florida
Posts: 719
Likes: 0
Received 0 Likes
on
0 Posts
I could see where wifi access to the CAN bus would benefit Big Brother. They could download your black-box history without getting out of their car. They could pull you over without putting on siren and lights. Every car would be like the "Bait Car".
https://www.youtube.com/watch?v=WsGlKjZbKKo
https://www.youtube.com/watch?v=WsGlKjZbKKo