Researchers who have spent the last two years studying the security of car computer systems have revealed that they can take control of vehicles wirelessly.
The researchers were able to control everything from the car's brakes to its door locks to its computerized dashboard displays by accessing the onboard computer through GM's OnStar and Ford's Sync, as well as through the Bluetooth connections intended for making hands-free phone calls. They presented their findings this week to the National Academies Committee on Electronic Vehicle Controls and Unintended Acceleration, which was brought together partly in response to last year's scandal over supposed problems with the computerized braking systems in Toyota Priuses.
The team, including Tadayoshi Kohno, an assistant professor of computer science at the University of Washington, and Stefan Savage, a professor of computer science at the University of California, San Diego, had previously shown that they could take control of a car's computer systems, provided that they had physical access to the vehicle's onboard diagnostics port—a federally mandated access point located under the dashboard in almost all modern cars.
With the new work, the researchers systematically analyzed ways they could get at a car's computer systems without having physical access. They used a 2009 mass-production sedan equipped with fewer computer systems than many high-end cars. For each attack that succeeded, they confirmed that they could take complete control of all of the car's internal computer systems.