Security concerns have been raised about Wi-Fi updates to car software following Ford Motors' announcement on Tuesday this week that it will use Microsoft to provide cloud-based network services for remote wireless software updates to its cars, including display screen graphics and voice-recognition software.
Ford owners will be asked to give permission for their car to continually monitor the Microsoft Azure cloud service where any software updates will be hosted on Microsoft's global network of data centres. When the vehicle is connected to a Wi-Fi network, any new software would install itself automatically, and notify the driver the next time they start their car – avoiding the need for recall cars for patching or updating.
Ford's cloud connectivity starts its roll-out this year with its Sync3 multimedia system, while electric-car maker Tesla Motors Inc's Model S has already embedded wireless connection to perform updates, and General Motors Co intends to launch 30 plus vehicles with built-in LTE 4G broadband connections.
Talking to SCMagazineUK.com, Tony Dyhouse, director at the government-led Trustworthy Software Initiative (TSI) commented: “These developments make the car a network node and browser with internet connectivity so we are transferring all the existing online threats to the owners of a smart vehicle.”
The TSI was set up to address the wider problem of software often not being initially designed with security in mind, thus incurring the additional vulnerabilities, update and patching costs and effort entailed in retro-fitting. But this problem is exacerbated with the Internet of Things (IoT) where systems and devices not originally intended to be connected, nor seen as under threat, are now just that – with vehicles in particular having their security and safety potentially undermined.
For cars, the priority was always safety, not security, and while that may have begun to change following the hacking and theft of BMW's keyless vehicles, the prioritising of innovation and speed to market means that testing time for security is being overlooked says Dyhouse. And cars are especially vulnerable because the Control Access Networks (CAN) used means all nodes talk to one-another in a ‘peer-to-peer' way – all connected with little isolation of say brakes from entertainment. CarShark demos have already shown how the dashboard can be shut down and all doors locked causing a moving vehicle to crash.
Remote updates offer huge savings on cost and reputation compared to recalls, so manufacturers are pushing ahead. However, a remote means of changing the software on a car presents an opportunity for a hacker says Dyhouse, adding that it could also encourage sloppy behaviour in software coding as it reduces the cost of carrying out an update.