This post is also available in: עברית (Hebrew)
Researching vehicular cybersecurity and its role in future law enforcement was the focus of the first part of a project carried out as a collaboration between Virginia State Police, University of Virginia, MITRE (a not-for-profit company that operates multiple federally funded research and development centers) and private security corporations.
Capt. Jerry Davis of Virginia State police told the Traffic Technology International that the project referred to two aspects of automotive cybersecurity: the protection of the police vehicle fleet from cyber attacks, and the investigation of suspected hacked vehicles at the scene.
Major recommendations to state police departments regarding the security of police patrol cars included the following:
- On-board diagnostics II (OBD-II) port must be included in inspection of police vehicles prior to duty, and any device attached to it should be treated as suspicious
- Monitor new in-vehicle equipment to ensure connectivity or telematics is optional and not standard
- Police department should get cybersecurity training, focusing on attacks on physical systems
- A collaboration should be encouraged between the police and the auto industry, cybersecurity and academia
Within the framework of the project simulated attacks on two types of patrol cars – Chevrolet Impala and Ford Taurus models – were carried out. The research concluded that as there are no wi-fi, bluetooth or telematics options in Virginia State police cars, the vehicles are safe from hacking. However, an attacker can still gain physical access to the vehicle, as during maintenance, when an equipment embedded with malware might be installed at the vehicle.
The project also found that the ability to launch cyber attacks is vehicle-specific, and depends even on the year model. “Hackers would have to develp multiple attacks for different years, makes and models of agency fleets”, said Davis.
The second cybersecurity aspect refers to the forensic analysis of a vehicle at the scene – how do you determine whether a hacking incident has actuatlly occured. The police needs analysis tools. “Ideally you could plug a device into an OBD-II port and be able to take a snapshot of that vehicle. We’ve not reached that point yet”. Here the car manufacturers could have helped by giving the police the information needed on the various car models, however they are reluctant to do so for reasons relating to proprietary data and trust, says Dr. Barry Horowitz from the University of Virginia, to Traffic Technology International.
This is one of the issues that will be researched in the next part of the project now under planning, and which will be of a more expanded scope.