“Hackers Remotely Kill a Jeep on the Highway — With Me in It.” This is the title of a dramatic article recently published on Wired by Andy Greenberg. The article’s gone viral, popping up in radio and TV news while shared across the Internet.
To summarize the article, Greenberg drove a Jeep Cherokee that was remotely hacked, resulting in the hackers taking control of multiple vehicle systems, including the radio, windshield wipers and air conditioning.
Greenberg further states that the hackers ultimately shut off the brakes, sending the vehicle into a ditch.
The majority of readers aren’t entirely educated about the technicalities of these vehicle systems so a public panic can be expected, but let’s take a step back and set the record straight.
Can a Car’s Brakes be Compromised?
Not entirely, no.
Automotive brakes are a hydraulic system where pushing the pedal drives pressurized hydraulic fluid to the wheel’s brake discs or drums, stopping the car. It’s possible to hack the system in a way that pushing down on the pedal will be more difficult, but the brakes will still operate. Braking by wire was once tried by Mercedes-Benz, but rejected.
Can Hackers Take Control of a Steering Wheel?
Hackers can’t steer your car.
Steering systems in vehicles may have electric power assist, but they’re still mechanically connected to a rack and pinion, or a recirculating ball gearbox, which provides a direct link between the steering wheel and the tires. It may be possible to switch off the power assist, but hackers are not going to take over the steering controls of a vehicle on the interstate.
Can Hackers Influence a Vehicle’s Speed?
The accelerator pedal is a little different.
Modern vehicles use a drive-by-wire throttle system that is connected to the vehicle’s GCU cruise control system and sometimes to collision avoidance circuitry in some advanced vehicles. This is a point of vulnerability, but the immobilizer that’s part of modern vehicle anti-theft systems is more so. Through this system, hackers can switch the engine off entirely by fooling the vehicle into thinking it’s been stolen.
What Is the Reality Behind Hacking Vehicles?
Like last month’s spurious story about hackers taking control of airplane flight controls, the story has been spun by the mass media to suggest that motorists’ lives are in danger, as vehicles’ mechanical systems can be controlled remotely through wireless networks.
Critical safety-related systems on modern cars, such as brakes and steering are still mechanical mechanisms at their core.
There is no doubt that hackers can remotely access a vehicle’s entertainment system, windshield wipers or cruise control, but the solution is an easy one. Shift the transmission into neutral, then steer and brake the vehicle to the side of the road.
We are a long way from removing direct mechanical linkages between drivers and safety-critical systems. The exposure of hacking vulnerabilities through demonstrations, like the one by Wired, will ensure that it will be a long time before the steering wheel and brake pedal disappear.
As technical professionals, we need to inform those who are less mechanically savvy that there is nothing to fear from modern vehicles.