Security Experts Demonstrate Ability to Remotely Crash a Jeep Cherokee

As reported by TechXplore: A pair of cybersecurity experts has demonstrated to a writer for Wired magazine, an ability to remotely hack into a Jeep Cherokee and take over some of its functions, and at least in one case, to cause the vehicle to run into a ditch. The demonstration was staged by security hackers Charlie Miller and Chris Valasek and Wired writer Andy Greenberg—the purpose was to showcase the increasing vulnerability of modern cars and trucks to hacking.

Hacking Demonstration

Over the past several years car and truck makers have introduced cellular technology into vehicles to offer customers over-the-internet services, such as automatically monitoring vehicle systems and offering assistance if it appears it is needed. Such systems can alert service workers who can in turn alert authorities for example, if it appears a vehicle has crashed. But that has led to a new type of danger Miller and Valasek insist, drivers and their vehicles are becoming more vulnerable to hacking of the type that can put them at risk of physical harm.

In the demonstration, Greenburg drove the vehicle on a public highway, while Miller and Valasek hacked into its onboard systems from a remote location. They took over the A/C system and the radio, and at one point squirted fluid on the windshield. Then, they caused the accelerator to stop working which of course caused the vehicle to slow suddenly on a freeway. Continuing the experiment, Greenburg drove to an abandoned lot where the hackers disabled his brakes, causing him to drive into a ditch.

The hack was possible due to a lot of work on the part of the security experts, they have been studying onboard vehicle systems for a couple of years and are set to give a talk at this year's Black Hat conference outlining what they have found. They have also been "working" with car makers, keeping them abreast of their findings—Chrysler for example has already put together a patch to protect vehicles such as the Jeep Cherokee that come with the company's Uconnect infotainment system. Owners of vehicles have to download the patch and apply it via a USB stick or have a dealer do it for them. But that is beside the point, the security duo claim, the real issue is that vehicle makers are adding vulnerabilities to vehicles without doing the work required to keep hackers from taking them over and either bricking them, or causing harm.

In an additional report by BBC News, a European security group was able to show that several car infotainment systems are vulnerable to a hack attack that could potentially put lives at risk.  NCC Group said the exploit could be used to seize control of a vehicle's brakes and other critical systems from the infotainment systems.

The Manchester-based company told the BBC it had found a way to carry out the attacks by sending data via digital audio broadcasting (DAB) radio signals.  It coincides with news of a similar flaw discovered by Chris Valasek and Charlie Miller.  However, NCC's work - which has been restricted to its labs - points to a wider problem.

NCC Group was able to transmit the DAB signal using a laptop and a box made from easy-to-source parts

The UK's Society of Motor Manufacturers and Traders has responded by saying that car companies "invest billions of pounds to keep vehicles secure as possible".

Breached brakes
NCC demonstrated part of its technique to BBC Radio 4's PM program at its offices in Cheltenham.

By using relatively cheap off-the-shelf components connected to a laptop, the company's research director, Andy Davis, created a DAB station.  Because infotainment systems processed DAB data to display text and pictures on car dashboard screens, he said, an attacker could send code that would let them take over the system.

Once an infotainment system had been compromised, he said, an attacker could potentially use it as a way to control more critical systems, including steering and braking. Depending on the power of the transmitter, he said, a DAB broadcast could allow attackers to affect many cars at once.

"As this is a broadcast medium, if you had a vulnerability within a certain infotainment system in a certain manufacturer's vehicle, by sending one stream of data, you could attack many cars simultaneously," he said.  "[An attacker] would probably choose a common radio station to broadcast over the top of to make sure they reached the maximum number of target vehicles."

Mr Davis declined to publicly identify which specific infotainment systems he had hacked, at this point.

Lab simulation
In many ways, modern cars are computer networks on wheels.  Mike Parris, of SBD, another company that specializes in vehicle security, said modern cars typically contained 50 interlinked computers running more than 50 million lines of code.

By contrast, he said, a modern airliner "has around 14 million lines of code".

The addition of automated car controls is creating new opportunities for hackers

Such technology allows the latest cars to carry out automatic maneuvers. For example, a driver can make their vehicle parallel park at the touch of a button.

Mr Davis said he had simulated his DAB-based attack only on equipment in his company's buildings because it would be illegal and unsafe to do so in the outside world.

But he added that he had previously compromised a real vehicle's automatic-braking system - designed to prevent it crashing into the car in front - by modifying an infotainment system, and he believed this could be replicated via a DAB broadcast.

"If someone were able to compromise the infotainment system, because of the architecture of its vehicle network, they would in some cases be able to disable the automatic braking functionality," he said.

Tesla Model X Crossover Will Get 'Ludicrous' Mode, Too

As reported by Popular Mechanics: On Friday, Tesla rocked the automotive world by announcing "Ludicrous Mode," a battery and circuitry upgrade that ​makes the new top-of-the-line Model S P90D capable of 0-60 in just 2.8 seconds. All that fun's not just for the sedan set, though:Bloomberg reports that Elon Musk promises the upcoming Model X crossover will also have the option of Ludicrous acceleration.

Thanks to some added mass, the Model X will "only" be capable of sprinting 0-60 in an estimated 3.3 seconds in Ludicrous Mode, Musk said. "We haven't tested it yet, to that's just a guess," he admitted, adding, "that's mad for an SUV, obviously."

It sure is: The next-fastest crossovers we can think of are the Porsche Macan Turbo and Mercedes-Benz GLA45 AMG, both of which take a full 4.2 seconds to reach 60, and neither of which offer the Model X's seven-passenger capability and goofy/awesome gullwing doors.

Of course, you can walk into a Porsche or Mercedes store and buy either of those hot crossovers today. Meanwhile, the oft-delayed Model X is now promised "in a few months," per Musk. We've been hearing that tale for some time now.

As for the long-promised Model 3, the affordable family sedan from Tesla? Musk says that one is "on track in just a few years."

Big Automakers Need Nokia's Maps for their Driverless Car Future

As reported by Popular Science: The future landscape of the autonomous car industry is beginning to take shape with the impending acquisition of Nokia’s mapping software, Here, which already has a focus on “humanised driving.”

German companies Audi, BMW, and Daimler are reported to be making a deal with Nokia to buy the mapping software for more than $2.7 billion.

With this software, these automakers would be positioning themselves to compete in a market soon to be flooded with autonomous taxis by Uber and Google, and be able to offer comparable or premium autonomous driving products. Apple is also reportedly building their car, supported by their hires of a robotic car expert and senior executive from Chrysler, and ex-Tesla designers. (Not to mention potentially having the most-used map data in the world.)

It's also worth noting that Audi has already been developing its own autonomous, or "piloted," cars. In April, an Audi A7 named "Jack" drove a 550-mile span from Silicon Valley to Las Vegas, although the underlying map program wasn't made clear. Another company, Cruise Automation, announced a product that adds driverless capabilities to specifically the Audi A4 or S4, that works on certain California highways.

A robust map data set is crucial to operating an autonomous car--if the car doesn’t know where to go, it can’t go anywhere. Nokia identified this early on, and has already used its LIDAR-equipped cars to create high-definition maps of certain roads and highways, accurate down to 20 centimeters, according to the company. Their LIDAR (Light Detection And Ranging) system features 32 lasers mounted on a car, concurrently collecting 700,000 data points per second at distances of more than 200 feet. (Think the Terminator of remote mapping cars.)

Here's a look at what Here LIDAR data looks like, when put to use in a city like Philadelphia:

Nokia's Here has already used this to maps streets in Silicon Valley, Michigan, France, and Germany, which they announced would be made public yesterday. They’ve also announced a partnership with Mcity, the University of Michigan’s 32-acre faux city solely populated by autonomous vehicles.

Nokia’s Here is is far more accurate than even Google’s Street View car (or Trekker or Trolley or Snowmobile). And Uber, while it recently acquired Bing’s mapping services, has similar, albeit less robust, mapping data to Google. Uber was initially reported to be bidding on Nokia’s services, but dropped out a few weeks ago, according to Reuters.

The ridesharing company has a wealth of data from their drivers, but given that the whole point of the app is a decentralized marketplace for rides, don't expect your Uber driver to sport a LIDAR array anytime soon. Apple, on the other hand, also has mapping vans out on the road. All of which is to say: for companies looking to provide cars in our increasingly autonomous future, maps are a necessary cost of doing business — either making maps of their own from the ground up, or buying them.

Home Made Handgun Drone Attracts FAA Investigation

As reported by GizMag: If you've ever fumbled at the controls of a drone, then the following might make you a little uneasy. An 18-year-old mechanical engineering student has affixed a semi-automatic handgun to a custom-built drone and demonstrated its firepower in a video that has quickly attracted the attention of the authorities.

The video simply titled "Flying Gun" appeared on YouTube on July 10 and has since attracted more than two million views. It shows the home made multi-rotor floating at about chest height amongst the trees and firing off four shots, recoiling and repositioning itself after each discharge.

According to NBC, the flying weapon was created by Austin Haughwout, a student at Central Connecticut State University, and the video was shot on his family's property in Clinton, Connecticut. Haughwout and his father Brett are adamant that they haven't broken any laws, a position that has been backed up by local police. But that doesn't mean authorities are entirely happy with their little experiment, either.

"Our number one job in law enforcement is public safety, first and foremost, the protection of the citizens of the community we serve," Sgt. Jeremiah Dunn, of the Clinton Police Department is quoted as saying. "That’s alarming."

The flying gun has also drawn the attention of the FAA, which has announced it will launch an investigation into the event to ascertain whether or not any rules around air safety were broken.

"The FAA will investigate the operation of an unmanned aircraft system in a Connecticut park to determine if any Federal Aviation Regulations were violated. The FAA will also work with its law enforcement partners to determine if there were any violations of criminal statutes," said Jim Peters, a spokesperson for the FAA.

University of Michigan Opens 32-Acre Driverless Car Test Center

As reported by Mashable: Detroit has long been the home of all things automotive in the U.S., and it doesn't want to cede its position to Silicon Valley when it comes to driverless cars.

The University of Michigan announced Monday it was opening a 32-acre testing facility at its Ann Arbor campus for the development of driverless cars called Mcity.

The facility, which is about 45 miles away from Detroit, will be an immersive simulation of different driving environments. Mcity will feature varying road conditions, construction hazards, road signs deteriorated with graffiti and building facades. It was designed by the Michigan Department of Transportation and the University of Michigan Mobility Transformation Center (MTC).

Mcity received large investments from a variety of automakers including Honda, Ford, GM, Toyota and Nissan as well as tech companies like Verizon and Delphi. Ford has already been testing autonomous cars at the facility, according to a Bloomberg report.

IMAGE: UNIVERSITY OF MICHIGAN

MTC has also expressed interest in testing vehicle to vehicle (V2V) communications at the facility, where connected cars "talk" to each other and to city infrastructure. One of the goals of the project is to have autonomous vehicles testing on Ann Arbor streets by 2021.

This new facility comes at a time when the testing of autonomous cars is spreading out all over the U.S.: Daimler is testing self-driving semi trucks in Nevada; Google recently brought a pair of its cars to Austin; Virginia is opening its public highways for testing.

Cars with autonomous functions will have to be incredibly well-developed before they can be sold to the general public, so extensive testing in a variety of environments is a must. Driverless cars already face much skepticism from the public, and the press hasn't helped matters.

Mcity should also be a boon to the many automakers who are either based in Detroit or have their U.S. operations headquartered there.

“The Google folks are kind of strutting their stuff. They’ve got nothing on us. This is the center of the universe. This is Michigan, it’s not California. We’re not going to let Silicon Valley take this technology, ” Michigan Senator Gary Peters said Monday, as reported by Bloomberg.

A grandiose statement, but one which does reflect the long history of making cars in Michigan."

A Failed Strut Caused the SpaceX Rocket Explosion

Stages of a SpaceX Falcon 9 rocket being assembled.

As reported by The Verge: The SpaceX explosion on June 28th was caused by a failed strut in the rocket's upper stage liquid oxygen tank, SpaceX chief executive officer Elon Musk said today. The strut was one of several hundred used to hold together the helium pressure vessels in the tank, which help to pressurize and maintain the buoyancy of the rocket. According to Musk, the strut was designed to handle 10,000 pounds of force, but failed at just 2,000 pounds of force.

"THIS IS THE BEST OF WHAT WE KNOW THUS FAR."

"This is the best of what we know thus far," said Musk during a press conference. "We emphasize this is an initial assessment, and further investigation may reveal more over time."

The strut was a steel rod that’s about two feet long and one inch thick. Struts like the one that failed have flown on several previous Falcon 9 flights before. Musk says SpaceX still doesn’t know why the steel rod snapped, but it’s possible that its material was faulty. Musk didn’t name the strut's supplier, but did say it may be that one strut of thousands wasn’t up to code.

When the strut snapped, the helium tanks released a lot of helium into the upper-stage liquid oxygen tank, Musk said. That put too much pressure on the tank and caused it to explode.

The Dragon capsule, filled with supplies for the International Space Station, survived the explosion and continued to communicate data to ground control for a while afterward. If the Dragon had been equipped with different software, the capsule what have been able to deploy its parachutes and save its contents. Future versions of the Dragon cargo capsule will have this capability, Musk said.

"It's the first time we've had a failure in seven years so, to some degree, the company as a whole got a little complacent," said Musk. "Especially with all the successes in a row, I think this is an important lesson and something we'll take with us into the future."

"THIS IS AN IMPORTANT LESSON AND SOMETHING WE'LL TAKE WITH US INTO THE FUTURE."

Nearly a month ago, SpaceX's Falcon 9 disintegrated during its ascent to the International Space Station. SpaceX has a contract with NASA to launch commercial resupply missions to the station; that rocket launch was the seventh of 12 planned missions. The Falcon 9 was carrying 4,000 pounds of supplies, including food and water for the station's crew and a new International Docking Adaptor. The IDA, meant to be mounted on the outside of the station, will allow future US crewed spacecrafts from commercial spaceflight companies to dock with the ISS. SpaceX and Boeing have contracts to ferry astronauts to the ISS beginning in 2017.

At the 2015 ISS Research and Development Conference, Musk described the failure as a "huge blow for SpaceX." Up until the June incident, SpaceX has had an impeccable launch record. This recent rocket loss was the first major failure out of 19 total Falcon 9 launches. As a result of the accident, SpaceX postponed its next scheduled launch of the Falcon 9, which was originally slated for August 9th. The mission, which doesn't have a definitive launch date yet, will carry the National Oceanic and Atmospheric Administration's Jason-3 Earth observation satellite to orbit.

Drones’ Agenda, 5GB of New Wireless Spectrum

As reported by EE Times: As the term UAV (unmanned aerial vehicle) suggests, drones are supposed to fly autonomously. And there’s the rub.

Unresolved questions for regulators and drone manufacturers are: a) how drones, while flying, can maintain a reliable communication link with the ground for “command and control,” and b) if so, what communication spectrum is available.

Panelists on the recent EE Times’ Radio Show on drone talk debated what lies ahead for commercial drones.

Michael Drobac

As currently proposed rules for commercial drones are written (proposed in Feb. by FAA), drones are banned from flying at night and operating beyond line-of-sight. More important, under proposed rules, “drones can’t fly over personnel unrelated to a [drone] project,” noted lobbyist Michael Drobac, executive director of the Small UAV Coalition, during the radio show. In essence, “you are for the most part prohibiting the use of drones for commercial purposes all together,” stressed Drobac.

The irony of the proposed drone regulation is that it permits “no robotization.”

“It’s as if we are putting some sort of manned overlay over what’s supposed to be an unmanned system,” Drobac summed up.

The chief concern that emerged during the drone debate is the communication link between drone and pilot. The key question is whether drones need a dedicated communication spectrum, or if Wi-Fi and cellular communication links suffice.

5GHz for dedicated drone communication
The drone industry will be getting two bands they can use for dedicated communication.

Jim Williams

The World Radio Conference, which takes place every four years, has already approved — in 2012 — “a spectrum around 5GHz” for command and control of UAVs, explained Jim Williams, ex-FAA chief. 

This is a vacant band originally set aside for “microwave landing systems.” It’s designed as an all-weather, precision landing system for aircraft. This spectrum has since been made obsolete by the wide availability of GPS, he said. Hence, it’s unused.

There is also “a small chunk of L-band around 1GHz” – originally set aside for aircraft to see ships at sea — now approved for dedicated drone communication, he added.

During the radio show, Williams acknowledged that a handful drones today are permitted to fly in the United States beyond line of sight and over people. But one of the requirements is that they have “reliable communication between a pilot and an aircraft.”

Those drones with permission to fly beyond line of sight, for example, depend on relatively unregulated public frequencies used by Wi-Fi and mobile phones. Williams noted, “But those [frequencies] are set up in such a way that is not tremendously reliable, since when a lot of people are using it, your range drops.” In some incidents, drones flew away when signals got jammed, he added.

Although drones are getting smarter and are dealing with [such potential problems], Williams insisted, “Reliable communication is a key for the [drone] industry.” For that, the world is moving toward allowing drones to use a dedicated spectrum – within 5GHz – for their communications.

Yannick Levy

Asked about the reliability of Wi-Fi and cellular networks as communication links, Yannick Levy, vice president, corporate business development at Parrot, said, “As a drone maker, I’d like to say that both Wi-Fi and cellular networks are good networks, developed by professionals. They have redundancy in place.” But he acknowledged that The French Civil Aviation Authority (Direction générale de l'aviation civile, DGAC) doesn’t allow commercial drones to use cellular networks, either. “They want a special network dedicated to drone flight.”

What about Delair-Tech, the French drone company known as the first civilian UAV in the world approved by an official government agency to fly beyond visual line-of-sight?  Delair-Tech’s drones use 3G for communication.

Levy said Delair-Tech is one of the French drone companies who exempted to fly beyond visual line of sight, with their drones having a cellular modem onboard. “Their intent is trying to demonstrate that it works.”

Who will manage the spectrum?
Although the FCC recently changed the U.S. table of allocation – issuing rules about what can and can’t be done to various portions of spectrum, drones can’t yet begin to transmit signals on those bands.

According to Williams, “channelization schemes” need to be worked out, which are essentially rules about how much power you can transmit, what center frequency you have to use and what out-of-band power you can tolerate, etc.

The Radio Technical Commission for Aeronautics (RTCA) is working to establish such rules. They’re due next summer. The regulatory process will start afrer that's done, said Williams.

The big question, however, is spectrum management. “Who’s going to… assign those channels to users,” the ex-FAA chief noted. “There really isn’t enough [spectrum] to pass out to all users and take all comers.”

An industry consortium or a government process must be put in place, and that’s when “a non-traditional approach” may be needed, observed Williams. “The traditional approach would take 10 years to get through this, and this is where the industry push is necessary so that they can start taking advantage of the spectrum.”

Compete with Wi-Fi?
As much as a dedicated drone communication spectrum makes sense, the 5GHz spectrum currently can’t be accessed by Wi-Fi chips.

According to Williams, new drone spectrum wouldn’t compete with Wi-Fi, because this is an “unused, clean band.” But Parrot’s Levy pointed noted that this isn’t exactly good news for drone makers like Parrot who thrive on standards components used in smartphones to keep the cost down. If the FAA assigns drones to the newly dedicated spectrum, drones can no longer use widely available, cheap Wi-Fi chips. Ergo, more expensive drones, he said.

During the online chat on the EE Times Radio Show, the ex-FAA drone chief reiterated why the existing cellular infrastructure is hardly ideal for drone communication.

He noted, “There are many problems with using existing cellular infrastructure for controlling drones. The antennas are pointed at the ground not the sky, the technology is not set up for high speeds, some of the spectrum used is prohibited from being transmitted from an airborne transmitter, and the lack of link reliability is also a problem.”

Chad Sweet

Qualcomm’s director of engineering Chad Sweet, countered: “Jim, it turns out, due to free space properties, even with the antennas pointed at the ground the problem is seeing too many towers and not too few.”

Obviously, the lack of cell signal availability worries drone users. Qualcomm’s Sweet said, “As the craft goes higher in rural areas, the coverage gets better.” However, he added, “Existing networks would likely only be a stop-gap. A dedicated network would be needed longer term.”

There are alternative communication methods, but they aren’t great. “A satellite transceiver is too heavy for small UAVs,” Sweet said. He opined that cellular networks might be designed for all sorts of coverage scenarios. “Australia is a great example. They have sites that go for up to 100 miles.”

Sweet concluded. “Cellular technology has been optimized for efficient multiple access over the last 30 years. It also has a nice property of being light weight. Regardless of spectrum chosen, leveraging cellular technology will help quickly deploy UAV to ground communications.”