Security of computer networks used to be a concern primarily of those relying specifically upon computers for work or research and whose computers were connected via various network schemes to be able to exchange data or share resources. Initially, the majority of computer networks were limited in scope to a single office or perhaps a single building. If a computer was available in the home, it was generally a standalone device.
With the advent of the Internet, computers all over the world became essentially networked together. Even home computers may be networked together via Wi-Fi and recent research reveals that well over half of U.S. households have Internet access in the home. As the interconnectedness of personal and work computers has increased, cybersecurity threats have grown. Malicious websites, hacking, and phishing scams are now common. Responses to these threats have grown increasingly sophisticated as well but it is unlikely that any networked computer system can be made absolutely un-hackable while retaining acceptable usability.
The increasing availability of robust microcontrollers at lower costs has also resulted in the computerization of more and more automotive systems. Engines, transmissions, anti-lock braking systems, suspensions, instrument displays and many more vehicle systems are now commonly operated by a microcontroller. A driver of a vehicle may not realize that he or she may be less in control of the vehicle systems than providing inputs to microcontrollers that, in turn, operate the vehicle systems. Furthermore, it is not simply passenger vehicles that are highly computerized but many if not most commercial vehicle systems as well.
It is often useful or necessary that one vehicle computer or microcontroller be able to communicate with another (for example, the response of an engine to driver inputs may depend in part on the state of the transmission). Therefore, protocols have been developed that provide for networking ability within the vehicle itself. One such protocol for allowing communications between computerized systems on the same vehicle is the Controller Area Network (CAN) bus. This is a widely-deployed standard allowing various vehicle subsystems to communicate without a centralized host computer dedicated to the task. More information about the CAN standard is specified in ISO 11898-1, ISO 11898-2, and ISO 11898-3 available from the International Organization for Standardization. Although the CAN bus is widely implemented in automobile systems (including heavy commercial vehicles), it is not necessarily limited to this application.
Computers and microcontrollers deployed in automotive systems are generally not programmable via the normal vehicle controls and, if so, the extent of programming is very limited (for, example, programming an automatic seat adjustment setting). This preserves some security and integrity for all of the automotive systems on the bus. However, there is currently no fundamental barrier to preventing a compromised device or controller with access to the vehicle bus from being able to provide malicious or simply unwanted data or commands on to the bus. Stories have already been reported of the ability of hackers, at least conceptually, to hack vehicle systems.
Another issue that may further degrade the security of electronic components on a vehicle data bus is the increasing presence of devices and systems that are not only given access to the vehicle data bus, but also to the Internet at large. Systems exist today that access data via a CAN bus or other system and share such data over the internet via satellite or other means. One class of such devices are so called electronic logging devices (ELD) that are becoming mandated for hours of service tracking for commercial vehicles. Such devices access the CAN bus to receive such information as when a vehicle is moving or whether it is running. Some ELD devices share data with a remote host computer via satellite and/or other internet connections. Although every effort may be made to ensure the security and integrity of the ELD or other device accessing the vehicle data bus, some means of physical security is currently believed to present the only full-proof way to address the issues.
What is needed is a system and method for addressing the above, and related, issues.