
Meet the CAN Invader – How Can Automotive Ethernet Curb Car Theft?

There’s a car-theft gang in Atlanta that’s stealing late model, high-end Toyota and Lexus vehicles by hacking the cars’ CAN (car area network) Bus. Apparently, this type of car theft originated in Japan, where criminal hackers have developed a device called a CAN Invader that can shut off the vehicle’s immobilizer, unlock the car’s doors, and start the car once the thief physically hacks into the vehicle’s CAN Bus. Apparently, gaining physical access is distressingly easy. Toyota and Lexus vehicles have a vulnerable node near the driver-side front wheel well. By unclipping and peeling back the inner plastic fender liner surrounding the front wheel, thieves can unplug a CAN Bus connector from a headlight ECU (electronic control module) and plug the CAN Invader into the freed cable. Punch a button on the CAN Invader and the car’s yours to drive away.

This sort of access to a vehicle’s CAN Bus network won’t surprise anyone who has or has used an OBD-II (On-Board Diagnostics) scanner, which plugs into a socket under a car’s dashboard and can extract a wealth of diagnostic information about the car from the CAN-connected ECUs. More advanced, bidirectional OBD-II diagnostic tools can also actuate any switch or take control of other vehicle functions. The surprise for me is that the car is equally open to such intrusive probing from an innocuous connector that’s easily accessible from outside of the car. In Toyota and Lexus vehicles, it appears this targeted connector is part of the headlight wiring.

The physically vulnerable ECU controls the high- and low-beam headlights and the turn signals. Once thieves realized that there’s easy external access to all vehicle functions through this connector, development of a one-button tool for stealing a car was inevitable. During an interview on an Altium ONTRACK podcast, CAN expert Ken Tindell, CTO of Canis Automotive Labs, explained:

“So for example, one of the cars we’re looking at, the engine immobilizer ECU’s on the powertrain side. So are the headlights. So you crack open the headlights and you pull the connector off the back of the headlight ECU, plug into that, and now you can directly send commands to the engine immobilizer saying, ‘Hey, I’m the key fob, and I say it’s okay to drive.’ And it’s like, ‘Okay.’”

This problem is symptomatic of any unprotected network, in a vehicle or in a data center. There’s no good reason you should be able to unlock doors and start a vehicle from a cable plugged into a headlight ECU other than a lack of design foresight. A properly secured network would never allow such a thing to happen. However, when the CAN Bus was conceived in the 1980s, it was not developed as a secure network. Combining an unsecured network with easy external physical accessibility seems like an invitation for disaster. As John Parker, the Black Lectroid from Planet 10 in the 1984 movie called The Adventures of Buckaroo Banzai Across the 8th Dimension, said with his thick Jamaican Rasta accent: “It is a very bad design.”
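As an added illustration of the control this paragraph says is missing (this is not code from the article, NXP, or any vehicle maker, and it goes beyond what the article describes), the sketch below shows a receiving ECU that acts on a frame only if it carries a valid keyed tag and a fresh counter. The key, the CAN ID 0x123, the tuple layout and the 4-byte tag length are all assumptions made for the example.

```python
import hashlib
import hmac
import struct

MAC_LEN = 4  # truncated tag length in bytes (assumed for this sketch)

def make_tag(key: bytes, can_id: int, payload: bytes, counter: int) -> bytes:
    """MAC over the ID, a freshness counter and the data, truncated to fit."""
    msg = struct.pack(">IQ", can_id, counter) + payload
    return hmac.new(key, msg, hashlib.sha256).digest()[:MAC_LEN]

class Sender:
    def __init__(self, key: bytes, can_id: int):
        self.key, self.can_id, self.counter = key, can_id, 0

    def frame(self, payload: bytes) -> tuple:
        # Modelled as a tuple of fields, not a real CAN wire format.
        self.counter += 1
        tag = make_tag(self.key, self.can_id, payload, self.counter)
        return (self.can_id, payload, self.counter, tag)

class Receiver:
    def __init__(self, key: bytes, can_id: int):
        self.key, self.can_id, self.last_counter = key, can_id, 0

    def check(self, frame: tuple) -> str:
        can_id, payload, counter, tag = frame
        if can_id != self.can_id:
            return "ignored"
        expected = make_tag(self.key, can_id, payload, counter)
        if not hmac.compare_digest(tag, expected):   # constant-time compare
            return "rejected: bad tag"
        if counter <= self.last_counter:             # replay of an old frame
            return "rejected: stale counter"
        self.last_counter = counter
        return "accepted"

def demo() -> list:
    key = b"constructed-demo-key"   # constructed; stands in for a provisioned key
    auth_id = 0x123                 # hypothetical ID, not from any real vehicle
    fob_ecu, immobilizer = Sender(key, auth_id), Receiver(key, auth_id)
    genuine = fob_ecu.frame(b"\x01")
    # A node plugged into the bus can copy the ID but does not hold the key.
    unkeyed = Sender(b"not-the-vehicle-key", auth_id).frame(b"\x01")
    return [immobilizer.check(genuine), immobilizer.check(unkeyed),
            immobilizer.check(genuine), immobilizer.check(fob_ecu.frame(b"\x01"))]

if __name__ == "__main__":
    print(demo())
```

On a plain CAN bus the receiver has only the ID to go on, which is why the "I'm the key fob" message in the quote above is taken at face value.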

The potential for more hacking mischief and mayhem grows as automobiles become software-defined vehicles and appear as wireless edge nodes in the ever-expanding Internet. There will always be people in society who want to hack into vehicles (and everything else) for profit or just for the pleasure of wreaking havoc on their fellow citizens. In an unconnected matter, the ability to hack into a vehicle using only a mobile phone has already been demonstrated.

Vehicular network security was a keynote topic at last month’s NXP Connects conference held in Santa Clara, California. Claude Gauthier, Director of Strategic Innovation for Automotive Ethernet Solutions in NXP’s In-Vehicle Network Group, presented that part of the keynote. Gauthier is also the vice chair of the Automotive SerDes Alliance, which has been developing increasingly fast SerDes PHYs for automotive applications. The alliance started with 100Mbps Ethernet and now has design solutions to 10Gbps, with 25Gbps designs under development. Based on this background, Gauthier’s vision for automotive networks is heavily biased towards Ethernet, but that’s a safe bet because Ethernet’s history includes a long series of conquests in any network market it enters.

Gauthier explained that automobile design is becoming more holistic, which will shape the way future designs integrate networks and ECUs. Current design is mainly domain-based, with separate ECUs designed for specific functions including body control, in-vehicle infotainment (IVI), automated driver assist systems (ADAS), connectivity (wireless connections to the outside world), and propulsion. Long-time car makers such as Ford, GM, and Fiat Chrysler have developed a multitude of domain-based, legacy ECUs while new car makers such as Tesla are starting from scratch. Gauthier discussed several more unified network architectures including body zonal networks, which create zones based on location in the vehicle, cross-domain zonal, which is based on a central automotive computer and is therefore a more optimal design for a software-defined vehicle (SDV), and a “consolidated compute” system approach, which is designed to handle even more in-vehicle network bandwidth by consolidating traffic through several network zone aggregators.

These four network organizations appear in Figure 1 below. The cross-domain zonal and consolidated compute network architectures shown in Figure 1 have a central vehicle computer at their core, which would operate an autonomous vehicle.


Figure 1: Software-defined vehicles (SDVs) will require increasingly sophisticated in-vehicle network architectures. Image credit: NXP.

Figure 1 illustrates the growing bandwidth needed in these evolving in-vehicle networks through the thicker and thicker lines used to interconnect various functions. The main driving force behind this need for more bandwidth is the increasing use of video cameras in a car’s design. Cars with ADAS and autonomous driving systems use multiple video cameras, and adding even one camera to a zone can consume that zone’s network bandwidth. Overall, cameras consume 90 percent of a car’s network bandwidth, he explained. It’s better, said Gauthier, to put that video traffic on a high-bandwidth network backbone.

During a pre-keynote interview at NXP Connects, Brian Carlson, a Global Marketing Director at NXP, compared the various systems in a vehicle to various systems in the human body. He made the following comparisons:

  • Skeletal and nervous systems – Vehicle electrical/electronic architecture, networking, sensors
  • Muscular system – Vehicle dynamics control (motor, traction control, chassis, etc.)
  • Respiratory and digestive systems – Electric vehicle charging, power conversion, battery management
  • Immune and lymphatic systems – Vehicle security, intrusion-detection and -prevention, security updates
  • Endocrine system – Vehicle management including intelligent power management
  • Cardiovascular system – Vehicle data management and software over-the-air (OTA) updates

Whether you agree with these body-vehicle systems comparisons or not, it’s clear that modern vehicles are systems of interconnected systems, with high-speed networks in the vehicle serving the same purpose as the human body’s central nervous system.

Unsurprisingly, NXP has a line of SoCs and multiple software stacks, collectively called the S32 Vehicle Compute Platform, which is intended for use in developing these more advanced vehicle networks and the associated ECUs. Ethernet networks are a part of the S32 Vehicle Compute Platform’s strategic roadmap, because the adoption of Ethernet as an in-vehicle networking scheme can leverage all relevant Ethernet development work including IEEE time-sensitive networking (TSN) standards and the multi-layer approach to network security that’s been developed for other Ethernet applications such as in data centers.

What’s prevented auto manufacturers from adopting Ethernet networking earlier is the absence of need (now countered by the increasing use of video cameras in cars) and the increased cost of Ethernet networking compared to the low cost of the mature CAN Bus. However, the exponential increase in the use of electronics in vehicles now demands more performance than the CAN Bus can provide, while efforts like the Automotive SerDes Alliance continue to reduce the cost of automotive Ethernet networks, so the shift to Ethernet is inevitable. Automotive design will evolve.

Of course, adoption of an Ethernet-based, in-vehicle network will obsolete existing OBD-II scanners and diagnostic tools the way that electronic fuel injection, coil packs, and computer-driven engine timing have obsoleted the old automotive engine timing lights and tach-dwell meters. Those older tools are fine for working on vintage vehicles, like the 1958 DeSoto Firedome that I once owned, but they’re not useful for tuning today’s fully instrumented, computer-controlled cars. The older, short-lived OBD standard even allowed for some rudimentary troubleshooting with a multimeter or even a simple continuity light, but you can’t do those simple tests with OBD-II systems and certainly I don’t expect that kind of simplicity from a similar Ethernet-based network test standard. But that’s the price of progress, isn’t it?

Ob la di (OBD-I), ob-la-da (OBD-II), life goes on, bra

La-la, how the life goes on

Ob-la di, ob-la-da, life goes on, bra

La-la, how the life goes on

— The Beatles, 1968
