Chris Valasek and Charlie Miller: How to Secure Autonomous Vehicles

Famous car hackers Chris Valasek and Charlie Miller returned to Black Hat to discuss how manufacturers can secure autonomous vehicles.

LAS VEGAS – Concerns over cybersecurity issues in vehicles are nothing new – with worries peaking after the 2015 hack of a Jeep Cherokee that enabled control of  key functions of the  car. And now, the rise of autonomous vehicles are driving a new set of challenges and concerns for the infosec community.

On Thursday security researchers Charlie Miller and Chris Valasek – who carried out that 2015 Jeep hack – said they don’t believe autonomous vehicles are headed on a collision course when it comes to security – at least not yet.

“We know [autonomous car security] is not perfect, but for the time being, it’s something,” said Miller, speaking at Black Hat 2018. Miller and Valasek, who last year joined GM’s self-driving car unit Cruise, also released a new report on the challenges and opportunities behind autonomous driving at the conference.

That said, challenges do remain for manufacturers investing in autonomous driving – including the pace of which technologies are being brought to market versus the tools for securing them.

To counter these road bumps, manufacturers need to invest in important security controls and measures in the future, researchers said.  “Our most concerning attacks are remote and that can result in physical control… our biggest focus is ensuring the safety of passengers,” said Valasek.

Currently, there are several major players in the autonomous vehicle space, mainly focused on ride sharing services – including Waymo, Uber and Cruise. “Major players are focused on cars they can control as part of a ride sharing service – there aren’t really autonomous vehicles you can go buy on your own,” said Valasek.

The market is also set to grow, with Waymo agreeing to buy 62,000 Chrysler Pacifica Minivans over the next few years and Uber agreeing to buy 24,000 Volvo XC90 SUVs, according to Valasek and Miller. Overall, the global autonomous driving market is expected to grow up to $173 billion by 2030, with more manufacturers investing in new automation technologies for their cars.

Credit: Chris Valasek and Charlie Miller

There are also varying levels of self-driving cars – from cars that need driver assistance but feature tools like Lane Keep and Cruise Control, to those with partial automation that can control all elements of driving but still need a driver – all the way up to full automation, where no human driver is needed.

These vehicles utilize different hardware from standard cars, which are more expensive and serve different purposes. That includes a sensor suite made up of a big rack with HD cameras and radar (which helps the car navigate) and Lidar (which sends out light pulses and gets back feedback).

Miller stressed that autonomous cars don’t rely solely on GPS, which has caused concern for researchers when it comes to non-autonomous cars.

“You might think that self-driving cars use GPS but they don’t rely on it – it’s not accurate enough,” said Miller. “Location is determined by sensors and Lidar readings that compare to an internal map. This is much more accurate than GPS or other technologies.”

Autonomous vehicles will also have “supercomputers” for compute power, as well as Ethernet-based connections (most components used in self-driving cars are Ethernet, not CAM, said Miller) for connecting its sensors and computer to the underlying vehicle. Finally, they will have a UX system, which is usually a human-facing device such as a tablet that allows users to start their car.

A big challenge that the autonomous vehicle market currently faces is the pace which these new technologies are being brought to market, the researchers said.

It’s important to note that autonomous vehicles are made up of the base vehicles – but also new autonomous-focused hardware and software that are being developed at rapid pace and need to be secured, researchers said. It is difficult to secure a base vehicle as well as the autonomous technologies behind it because the software is written for the self-driving portions and is happening at a faster pace than the base vehicle development.

“While this pace does spur innovation, it can be hard to perfect security controls as a product is being tested and developed,” Valasek and Miller said in their whitepaper.

Another challenge is Ethernet as a communication tool for the cars’ input, decision making and movement. Device manufacturers who are developing Ethernet vehicle components are lagging behind, and more advanced Ethernet security mechanisms such as 802.1x are probably not possible on these low cost, low power devices, researchers said.

What steps can car manufacturers take to make sure that their autonomous vehicles aren’t hacked? The best known defense techniques leverage known best practices for the enterprise and industrial control system networks, Valasek and Miller stressed.

That includes trusted execution so that when the AV boots up, the running code will be verifiable be from the vehicle owner. “We do this by using technologies like secure boot to cryptographically verify the code through a trusted chain anchored by a key in a write-protected portion of the computer. So, the BIOS/firmware will verify the bootloader, which verifies the kernel, which verifies the software image,” researchers said.

Importantly, network segregation is also necessary to isolate connected components – so devices such as the communication module,  CAN bus, the main compute module, and the tablet should all be isolated as much as possible.

Finally, cars should bootstrap cryptographic keys, secure key store and encrypt data at rest.

“To many, it may be news that there are a multitude of different components, both in the AV stack and underlying base vehicle, that permit a vehicle to operate autonomously,” said Valasek and Miller. “We also found out there are, much like any project, many different problems and solutions to securing our driverless revolution.”

Suggested articles