NHTSA advice aims to keep connected cars safe from hackers
The agency wants automakers to lock down the low-hanging fruit that hackers reach for first.
Following a smattering of recent high-profile attacks, the National Highway Traffic Safety Administration is taking a hard look at vehicular cybersecurity. In a 22-page document (PDF), the NHTSA outlines its voluntary best practices for automakers going forward. Chief among the guidelines is using a layered approach to security, so that even in the event of a successful attack, "vehicle systems take appropriate and safe actions." Meaning, a car's computer shouldn't put the driver at risk just to fend off an intruder.
The agency also suggests designing connected systems with cybersecurity in mind from the outset. "If a cyber-attack is detected, the safety risk to vehicle occupants and surrounding road users should be mitigated and the vehicle should be transitioned to a reasonable risk state," the paper reads. As a way to minimize the number of intrusions in the first place, the NHTSA writes that developer and debugging access to engine control units (ECUs) should be "limited or eliminated" if there's no reason for it to stay open after a vehicle rolls off the assembly line.
There is a slew of other propositions as well: control keys shouldn't apply to multiple vehicles, access to diagnostic settings that could be "misused or abused outside of their intended purposes" should be limited, and firmware access should be secured to prevent reverse engineering. NHTSA also wants limits on firmware modification ability, OEMs to lock up network protocols and ports (especially on the cellular data side) and encryption for communications between the vehicle and its OEM "home." Oh, and for manufacturers to extensively test for data breaches, and document the process.
The potentially scary part about this is that while protecting drivers, it also could further lock any sort of backyard tinkering or performance away for good -- something that hobbyist mechanics and tuners haven't really had to worry about before.
That even includes taking into account vulnerabilities presented from hooking your phone to a car's infotainment system via Bluetooth. "Aftermarket device manufacturers should consider that their devices are interfaced with cyber-physical systems and they could impact safety-of-life," the paper reads. "Even though the primary purpose of the system may not be safety-related, if not properly protected, they could be used as proxy to influence the safety-critical system behavior on vehicles."
This may also affect the business of independent shop owners who won't be able to service new vehicles thanks to diagnostic features being locked behind manufacturer-specific tools. The outfit seems to have that covered too, at least a little, but with a catch; emphasis is our own.
"The automotive industry should provide strong vehicle cybersecurity protections that do not unduly restrict access by authorized alternative third-party repair services." So, if you've been going to the same mechanic you know and trust, chances are that the automaker might not feel the same way.
As Reuters reports, the Alliance of Automobile Manufacturers is already on board with putting the voluntary best practices into place. "In the constantly changing environment of technology and cybersecurity, no single or static approach is sufficient," NHTSA administrator Dr. Mark Rosekind said in a statement. "Everyone involved must keep moving, adapting and improving to stay ahead of the bad guys."