IBM Research: Would you know if your car was being hacked?

When my sister reluctantly upgraded to a smart phone, she was concerned that her location, contacts, personal calendar, and even banking information would be vulnerable to cybercrime. And she was right to be concerned. Most of us made the decision to give up a certain amount of security in exchange for the wondrous and practical applications that we can no longer live without. But how many of us are making that same conscious decision when we buy a new car?

IBM cybersecurity researchers in Israel are developing protection for connected cars by providing cloud-based intelligence to identify cyberattacks and suspicious activity that can endanger the car or its occupants. By offering car manufacturers a hybrid system that can collect, analyze, and cross-reference massive amounts of data from different vehicles, these researchers are bringing IBM’s security smarts from the data centers to the road.

What makes cars so vulnerable?

Today hackers can get inside your smartphone and steal identities or personal information, access emails, or in extreme cases, hack into our banking apps. This in itself is pretty scary, but so is the idea of hackers taking over your car’s steering or braking systems.

Cars are now more digital than ever. And with more than 100 distributed computer systems and 100 million lines of code in a typical car, there are plenty of components that need protection from hackers. Why do cars have 7 times more code than a Boeing 747? This comes primarily from the fact that today’s cars are assembled from different parts rather than manufactured from start to finish in one factory. As a result, the central door-locking mechanism could easily be the same component across several different car manufacturers. This is problematic from the point of view of security because it means that any vulnerability breached in one car leaves the others open to hacking.

A recent study stated that by 2018, 420 million automobiles will be connected, representing a huge growth over the 45 million connected vehicles in 2013. If the frequency of software threats for the auto industry is similar to that of PCs, the need for a sophisticated system that continuously remains updated becomes critical. By applying the expertise from the IT world to cars, IBM can offer a solution that never stops working and is always updated to deal with new types of attacks.

Intra- And Inter-Vehicle Security

At our Cybersecurity Center of Excellence in Beer Sheva, Israel, my team of researchers decided to take a holistic approach to car security. On one hand, we want to protect the car so that hackers can’t take over control by changing the car’s speed or direction, or applying the brakes, for example. On the other hand, we want to protect the data stored in and sent by the car’s systems. This data is used to send messages if the car was stolen, or if the driver had a heart attack, or simply about its speed and location. If abused by hackers, false data can be injected to create fake traffic jams that reroute vehicles, submit false information to insurance companies for pay-as-you-drive packages, or even determine if someone is not at home. Each digital component in the car that is connected to an outside system is vulnerable.

Most automotive security systems focus on in-car security, similar to the way an anti-virus program might work on our home computer. This may include isolating the car’s infotainment and critical drive systems, or even the inter-car connections that are used to prevent accidents. Our research technology goes beyond the level of the individual car. By taking into account all cars' data channels, we can build a system that uses the synergy between the many sources. For example, by collecting and analyzing data from many cars, we can cross reference them to validate that the information coming in is correct. If one car says it’s traveling at 50 kmph and all the other cars near it are traveling 90 kmph then obviously something is not right.

Our goal is to offer security visibility by identifying suspicious activity and alerting the drivers or car manufacturers — even without having to install a specific component in the car. Our hybrid solution includes a component that sits in the car, but its intelligence sits in the cloud. This allows us to continuously protect the car and driver, remaining connected at all times and not only when the car goes in for service.

This new solution also offers more control and transparency over what information is being collected about you from your car. Since the data collected includes information on where your car is every single second of the day, our technology will allow users to access services to help secure the car, but will only use personal identification if the driver agrees to share it.

By building a protective solution whose architecture allows it to adjust itself to new threats as they arise, we are giving the automotive industry a boost in the right direction. With IBM’s vast amounts of IT security knowledge and assets — alongside new algorithms from Research — we can offer true protection for connected cars and the data being collected from them.

Our next step is targeted at bringing the technology to market. We recently demonstrated a prototype solution for securing vehicles at the International Motor Show in Frankfurt, Germany. Read more about the demo, here.