More devices are becoming “smarter” with hardware and software that permit them to communicate via the internet, such as through cellular wireless networks, Wi-Fi, and Bluetooth. These internet-connected devices are often identified as being part of the “Internet of Things” (IoT), which is a term that broadly encompasses internet-connected devices configured to transmit and receive information related to their operation, such as status information. For example, many consumer products are now IoT devices with internet-connected features, such as home automation devices (e.g., wirelessly controllable light switches), appliances (e.g., smart refrigerators able to transmit images of the fridge's contents), and automobiles (e.g., internet-connected components, such as infotainment and navigation devices). For instance, modern vehicles can have over 100 controllers, or Electronic Control Units (ECUs), that are responsible for running most of the car's functions, such as the steering wheel, engine, braking system, airbags, and navigation systems. When IoT devices include multiple controllers, in some instances the controllers communicate over an internal network within the IoT device (e.g., CANBus).
Like any other externally connected computers, IoT devices (e.g., ECUs in connected cars) are vulnerable to cyber-attacks and have become targets for hackers. For example, controllers on several makes and models of cars, such as the JEEP CHEROKEE, TOYOTA PRIUS, TESLA MODEL S, and NISSAN LEAF, have been successfully targeted and exploited by white hat hackers. Those hackers were able to compromise the vehicles and take command of nearly all of the control aspects, ranging from turning on the radio and windshield wipers to killing the engine while the car drove on the freeway. These exploits caused some of these car manufacturers to issue a recall on affected vehicles.
Cyber-attacks come in many forms and flavors, but they generally share the same basic concepts: find a preexisting security bug (vulnerability) in a system or a network, exploit it, and perform malicious actions (e.g., running malware, eavesdropping on communications, spoofing the identity of others). For example, network packets that are broadcast to network participants without any sort of encryption (or other mechanism to hide/obfuscate the message contents) are susceptible to eavesdropping by other entities on the network. In another example, network communication that uses a common transmission medium (e.g., a bus) to broadcast messages among network participants can be susceptible to network participants spoofing the identity of others on the network (e.g., transmitting messages with the sender field having been modified so that the messages appear to originate from another device on the network).