1. The site is migrating to a new server this week, so there will likely be some downtime during that process. You can follow along here for updates.

Prius tested for virus susceptibility

Discussion in 'Gen 2 Prius Audio and Electronics' started by mdb654, May 10, 2005.

  1. mdb654

    mdb654 Junior Member

    Feb 20, 2005
    Finnish security firm was unable to transfer a virus to the car via bluetooth.


    I love the fact that they borrowed a car to test this. "Excuse, I'd like to borrow your car to see if I can infect it with a virus." "Oh yeah, sure, here ya go!"
  2. jayman

    jayman Senior Member

    Oct 21, 2004
    Winnipeg Manitoba
    2004 Prius
    I think this was first reported by a Russian antivirus firm. Yep, leave it to ex-KGB trolls to figure out a way to spread fear to the masses. Movies like Terminator 3: Rise of the Machines didn't help either.

    In theory, I suppose it *might* be possible to pull off such a hack if the onboard RTOS became more promiscuous with the outside world, especially if a wireless interface is used between the car and the scantool. That would be a nightmare, unless you could easily flash new security protocols to the scantool interface.

    This is the concern I have from an industrial process control perspective. A lot of clients are using short-range WIFi instead of running expensive cable to a remote transmitter. This gives an enterprising hacker a direct view inside the plant process system, and the "security" is marginal at best.

    I can recommend such things as hardware routers and firewalls, but then the cost "advantage" over a conventional wired transmitter evaporates. And let's face it, most industrial techs are a lot more familiar with 4-20 mA analog signals than with weird protocol stacks and emulators.

    For the most part, I highly doubt a Bluetooth-equipped Prius can be hacked by compromising the Bluetooth stack. The onboard RTOS, in this case CANBus and LIN stack extensions, don't allow the two-way transfer from the phone to the internal car network. For the most part, LIN is a low priority extension and isn't allowed higher priority.

    CANBus is Timing Triggered and also highly specialized wrt how the stack is built and how you can hook into the stack. You must have a great deal of knowledge of CANBus protocol to even understand what the system is saying.

    CANBus expects an exactly-framed message, wrt header and data, before it will even look at the message. Much like other industrial protocols such as Foundation FieldBus or ControlNet, it's light years easier to just hack the control room display interface, which is almost always a Windows XP OS.

    That's the same as aviation fly-by-wire systems. The onboard RTOS is actually three separate OS's, so even if one OS is compromised, the other two can maintain control.

    The pilot chart system for preflighting, using Jeppesen, is actually run on Windows. It's relatively easy to infect the preflighting system with a computer virus, but so what?

    At the worst, this is an inconvenience to the pilot who then must manually enter data into the CFMS. The Windows OS that runs the preflighting system and the CFMS don't even speak the same protocol, all the CFMS is looking for is coordinates, nothing else.

    The aircraft onboard maintenance mode actually writes information to a standard 3.5 computer disk. You can stick a disk with all sort of boot-sector worms and viruses into the plane and nothing happens. The RTOS only allows downloading data, it refuses to upload anything.
  3. DaveinOlyWA

    DaveinOlyWA 3rd Time was Solariffic!!

    Apr 13, 2004
    South Puget Sound, WA
    2013 Nissan LEAF
    gee another thing Toyota did right... what a surprise...

    great post mdb654, good info to know