Chipmaker Intel is research security threats to the electronic systems in cars, according to a report from news agency Reuters.
A team of experts from McAfee, the IT security company Intel acquired in 2010, is searching for security vulnerablities in on-board systems, at a "West Coast garage", the report says.
Cars are increasingly reliant on software. A 2009 article by the Institute of Electrical and Electronics Engineers claimed that high-end cars typically run 100 million lines of code on embedded telemetry, diagnostic and entertainment systems. This makes them vulnerable to information security exploits.
Last year, a report by researchers at the University of Washington and the University of California, San Diego, described a long list of ways to interfere with cars’ on-board systems. These include accessing embedded systems through USB ports on the car, accessing them remotely through short-range wireless technologies, and even long distance wireless access, exploiting the manufacturer’s remote telematics systems.
Interesting Links
There is evidence that criminals are beginning to exploit these vulnerabilities. A recent report on automobile website PistonHeads.com claimed that thieves in the UK are using on-board diagnostic ports, which allow mechanics to access telemetry data from cars, to start cars without triggering the alarm.
The stakes may be even higher than this. Reuters quotes John Bumgarner, chief technology officer of the US Cyber Consequences Unit, as saying that vulernabilities on on-board systems could be used to make cars crash while driving. " You can definitely kill people," he says.
McAfee produced a report on the security of embedded systems in cars in 2011. "The ever-growing number of embedded systems and integrated communications in modern automobiles have provided the convenience and personalisation that consumers crave," the report said. "But 10 years from now, will these same systems continue to hold consumer confidence, or will they quickly become another avenue for malware and breach of privacy data?"