Wednesday 17 August 2016

Hackers Hijack a Big Rig Truck’s Accelerator and Brakes


Discoveries of Unsettling Set of Tests – Industrial Vehicles

In recent years, when cyber security researchers had revealed that they could hack a Chevy Impala or a Jeep Cherokee in disabling the brakes of the vehicles or hijack their steering, the outcome seemed to be a distressing wakeup call to the customer automotive industry. At the Usenix Workshop on Offensive Technologies conference, a team of University of Michigan researchers intended to present the discoveries of unsettling set of tests on industrial vehicles.

On sending digital signals in the internal network of a hug rig truck, the researchers were in a position of doing everything from change the readout of the instrument panel of the truck, trigger unintended acceleration or to even disable a form of semi-trailer’s brakes. The researcher also discovered that evolving these attacks was in fact easier than consumer cars due to a common communication standard in the internal networks of several industrial vehicles, ranging from cement mixers to tractor trailers to school buses.

One of the researchers from the University of Michigan’s Transportation Research Institute, Bill Hass has stated that these trucks tend to carry hazard chemicals and large loads. They are the backbone of the economy. If one could cause them with unintended acceleration, it would be too hard to figure out how many bad things could occur with it.

Unintended Acceleration – Tap of a Laptop Keyboard

A video of the researchers portrayed the consequences of unintended acceleration with only a tap of a laptop keyboard. The researchers had targeted several of their attacks on a 2006 semi-trailer though they had also attempted some hacks on a 2001 school bus. On connecting a laptop to the vehicles through their on-board diagnostic ports, they observed that they could look up most of the commands utilising the J1939 open standard which is said to be common to heavy vehicles.

This enabled them in duplicating signals on the networks of vehicles without the laborious reverse engineering other car hackers had to perform in order to replay commands within consumer vehicles, that lacked the calibration of industrial trucks. The other Michigan researcher, Leif Millar had commented that if one desired to hijack someone’s car, they would need to have the knowledge of the make and model and then adopt the attack. With trucks it seems to be all open so it is easy to craft an attack.

Disable the Brake of the Engine of Truck

It was for this reason that their complete truck-hacking project that had started as a University of Michigan class assignment had taken only two months. For the big rig truck that the J1939 standard permitted them in sending commands which accurately altered the statistics of almost any portion of the instrument panel. For instance they were capable of taking-off a full tank of gas when the truck was short of fuel or even avert a warning that the truck would be running out of compressed air in its air brakes, leading the vehicle to apply the emergency brakes without warning.

They could completely disable the brake of the engine of the truck, at 30 miles per hour or less, compelling the driver to rely on other form of brakes which is known as foundation brakes that tends to get overheated and fails. Most upsetting was the fact that the researchers managed to speed up the truck against the will of the driver on sending signals tricking the power train commands of the vehicle to limit the acceleration of the truck or max out its RPMs in any gear. They observed that they stopped short of attempting to put an end to the engine of the truck though they guessed it was a possibility.

No comments:

Post a Comment

Note: only a member of this blog may post a comment.