Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo


Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

Car Hacking
Computer systems in modern autos can pose a security risk

Source: “Experimental Security Analysis of a Modern Automobile”
Karl Koscher et al.
IEEE Symposium on Security and Privacy, May 16-19, 2010, Oakland, CA

Results: A group of researchers at the University of Washington and the University of California, San Diego, have demonstrated that it’s possible to take unauthorized control of a car’s embedded computer systems. After gaining access through the federally mandated onboard diagnostics port–located under the dashboard in almost all cars today–they could disable a vehicle’s brakes, stop its engine, or take control of its door locks, among other things.

Why it matters: A typical luxury sedan now includes 50 to 70 embedded computers controlled by about 100 megabytes of code. The researchers wanted to demonstrate the need for added security at a time when more of these computer systems are gaining wireless capabilities. For the most part, however, the hacks they’ve performed so far required physical access to the car. The possibility of interfering with a car’s computer remotely is a concern mainly for future models.

Methods: Without any special knowledge from the manufacturer, the researchers pulled the hardware from a car and ran standard security analyses such as fuzzing, which tests software to see if it’s possible to induce any glitches or strange behavior. They used this information to craft attacks that could take over and control systems on the car’s internal network. They tried out their attacks on a parked car and then in road tests to ensure that they were practical in the real world.

Next steps: Many of the techniques commonly used to protect electronic devices won’t transfer well to cars: a corrupted braking system, for example, can’t just shut down. The researchers hope to work with manufacturers to develop more appropriate security features.

0 comments about this story. Start the discussion »

Credit: Microsoft

Tagged: Computing

Reprints and Permissions | Send feedback to the editor

From the Archives


Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me