An open source framework for learning embedded software development in connection with automotive cyber security.
Cybersecurity currently is a serious concern for Automotive OEMs, their suppliers and customers. Today’s car is not just a machine that moves you from point A to point B, but rather a complex and computerized system that is bound to get even more complex. Nowadays, automobiles rely on hundreds or more ECUs (Electronic Control Unit) that interface with most, if not all, in-vehicle systems and are often exposed to multiple types of external networks like cellular (GSM, CDMA, LTE etc), Wifi (802.11). These new technologies bring safety and convenience to the consumer, but yet result in increased threats to personal safety, security and privacy.
According to a McAfee white paper (“Automotive Security Best Practices”), when an object as complex as a car is connected to the internet assessing the scope of threats is a massive job potentially leaving countless security vulnerabilities exposed to attackers. The study goes on to list the most hackable and exposed "surfaces" on a modern car:
- Remote Link Type App,
- Airbag ECU,
- OBD II,
- USB,
- Bluetooth,
- DSRC-Based Receiver,
- Passive Keyless Entry,
- Remote Key Entry,
- TPMS,
- ADAS System ECU,
- Lighting System ECU,
- Engine and Transmission ECU,
- Steering and Breaking ECU,
- Vehicle Access System ECU,
- User's Smartphone.
With this in mind, our goal is raise awareness to this issue and educate software developers who might be coding apps and software tools, which might soon be finding their way into the highly connected cars of the near future.