Security Storm May Bring Port Closure
A growing population of automakers is quietly calling for the shutdown of the on-board diagnostic (OBDII) port in passenger vehicles. Car makers would prefer that these interfaces be switched off while vehicles are in operation primarily for security reasons and to preserve the integrity of vehicle operations.
Conceived for diagnostic purposes but later required for emissions testing by the California Air Resources Board, these under-dash ports are increasingly being used for aftermarket applications for everything from usage-based insurance to vehicle maintenance and social networking. What is new, though, is accessing the port during vehicle operation.
By plugging devices into the diagnostic port while the car is in operation, aftermarket device makers have found a way to evaluate and monitor vehicle performance in real time. This monitoring has allowed for the tracking of driving behavior along with vehicle performance and the status of diagnostic codes.
Some aftermarket players have taken it a step further by adding Bluetooth connectivity to smartphones and/or cellular connections, enabling remote access to vehicle functions such as door locks, headlights, windshield wipers, or the ignition. Throughout all of this, new devices continue to come on the market, putting the onus on car makers to test the devices as they arrive – particularly in the context of their potential for compromising vehicle performance or security.
This aftermarket proliferation is attracting investment as well, thanks to the hundreds of millions of cars already on the road with OBDII ports. Multiple aftermarket companies have lassoed tens of millions of dollars to explore this budding market opportunity.
Mojio, Zubie, Automatic, Automile, Vinli and more. The list grows every day. Yesterday, Verizon added Hum to its two existing aftermarket OBDII plug-ins for telematics services, roadside assistance and vehicle diagnostics.
The attraction for carriers such as Verizon (and AT&T and Telefonica and Vodafone) is to tap into the massive existing fleet of cars with OBDII ports and no built-in telematics systems. The marketing pitch is the promise of turning 20-year-old cars into connected cars.
With car makers getting sued for hacking vulnerabilities and, most recently, for remote start-related fatalities, the pressure is growing to disable the OBDII ports during vehicle operation. Such a move is not ruled out under the 150-page CARB specification which now stands as a global standard for OBDII port fitment. (https://tinyurl.com/qecc25a - Malfunction and Diagnostic System Requirements - 2004 and Subsequent Model-Year Passenger Cars, Light-Duty Trucks, and Medium-Duty Vehicles and Engines.)
Car makers know the OBDII port must remain open and unprotected to enable repair shops to tap into vehicle diagnostic codes. Independent repair shops have fought for the right to access vehicle codes along with access to the means to interpret those codes. This ability is protected under so-called “right to repair” laws in the U.S. and similar legislation in Europe and elsewhere.
But, the OBDII port was originally only intended for emissions testing. Car makers later chose to adopt the same port for a broader range of vehicle diagnostic purposes rather than introduce a second, proprietary port.
Autocyb OBDII locking device.
There are products available for consumers to secure the OBDII port from criminals including a locking device from a company called Autocyb and a port securing add-on that has been shown in prototype form at industry events by security firm Argus.
But if car companies decide to shut off the functions of the OBDII port during vehicle operation it will nip the nascent OBDII market in the bud. Most of these devices and their applications – though not all – are dependent upon real-time access to vehicle data.
No formal proposals have yet been made by any individual car maker. But the car companies currently considering this proposition represent the largest automakers in the world. And with hysteria around vehicle security growing it is not likely that these companies will tolerate the presence of a built-in vehicle vulnerability indefinitely.
Director and founder at Roben Automotive - The Netherlands BV
OBDII scantools have another "user": the government bodies or their type approval agencies. Specific parameters (PIDs) have been added as a requirement in the USA and also outside that support in determining on-road emissions performance. Whether it is to support data for additional measurement equipment or to identify in which "compliance zone" the engine is running. This is naturally required to be available during driving. This is just a very clear example. OEMs have stepped in and made a SAE standard that tells what any constantly-present OBDII device should not do. A next step could be a gateway that holds a Security portal that only lets allowed messages through. In basic most VW group vehicles already have such an infrastructure but they are nearly the only one.
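The state-aware gateway that the comment above describes, as an added example (not the commenter's, any OEM's or any vendor's code): a minimal allow-list policy for frames arriving from the OBD-II port, gated on whether the vehicle is in motion so that read-only emissions PIDs stay reachable while driving. The CAN IDs follow ISO 15765-4; the per-mode allow-lists and the `CanFrame` type are assumptions made for illustration.

```python
# Added example: a CAN gateway policy for port-originated OBD-II traffic.
# IDs per ISO 15765-4: 0x7DF functional request, 0x7E0-0x7E7 physical
# requests, 0x7E8-0x7EF ECU responses. Mode allow-lists are assumptions.
from dataclasses import dataclass

OBD_REQUEST_IDS = {0x7DF, *range(0x7E0, 0x7E8)}
OBD_RESPONSE_IDS = set(range(0x7E8, 0x7F0))

# Read-only services kept available while driving (current data, stored
# DTCs, vehicle info); everything else waits until the vehicle is stationary.
MODES_ALLOWED_IN_MOTION = {0x01, 0x03, 0x09}
MODES_ALLOWED_STATIONARY = set(range(0x01, 0x0B))  # SAE J1979 modes 01-0A


@dataclass(frozen=True)
class CanFrame:            # assumed minimal frame type for the example
    arb_id: int
    data: bytes


def obd_service(frame: CanFrame):
    """Return the OBD service (mode) byte of an ISO-TP single frame, else None."""
    if len(frame.data) < 2:
        return None
    pci = frame.data[0]
    if pci >> 4 != 0x0:    # only single frames (PCI type 0) are classified
        return None
    length = pci & 0x0F
    if length == 0 or length > len(frame.data) - 1:
        return None        # malformed length field: do not guess, reject
    return frame.data[1]


def gateway_allows(frame: CanFrame, vehicle_in_motion: bool) -> bool:
    """Decide whether a frame from the OBD port may cross onto the vehicle bus."""
    if frame.arb_id in OBD_RESPONSE_IDS:
        return False       # a port device must never emit ECU response IDs
    if frame.arb_id not in OBD_REQUEST_IDS:
        return False       # arbitrary bus IDs are never forwarded from the port
    mode = obd_service(frame)
    if mode is None:
        return False
    allowed = MODES_ALLOWED_IN_MOTION if vehicle_in_motion else MODES_ALLOWED_STATIONARY
    return mode in allowed


if __name__ == "__main__":
    rpm_req = CanFrame(0x7DF, bytes([0x02, 0x01, 0x0C, 0, 0, 0, 0, 0]))   # constructed
    clear_dtc = CanFrame(0x7DF, bytes([0x01, 0x04, 0, 0, 0, 0, 0, 0]))  # constructed
    print(gateway_allows(rpm_req, True), gateway_allows(clear_dtc, True))
```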
EMODE Outdoors: Electric Mobility Development for Outdoor Recreation Destinations and On-Site
If true Ami, simply beautiful solution!
Interesting article Roger. However, nobody can stop the train after it left the station. The market of collecting driving data through OBDII dongles is too big to ignore. However, if the OBDII devices' manufacturers would be able to bar incoming communication with the SIM card while the car is in motion (or in operation), this could solve most of the hacking risks.
EMODE Outdoors: Electric Mobility Development for Outdoor Recreation Destinations and On-Site
This Israel based company (US Office in Troy, MI) white hat hacked Zubie to identify its OBDII product vulnerabilities and helped them secure their OBDII device solution: https://argus-sec.com/blog/remote-attack-aftermarket-telematics-service/
Instructor Ciclista 1 Bici+
Excellent article; the problem seems hard to solve, since new vehicles with connections to mobile devices are going to be susceptible to unwanted access.