CAN bus

the U.S. Justice Department has formed a threat analysis team to study potential national security challenges posed by self-driving cars, medical devices and other Internet-connected tools.

Podcast – Smart Vehicle Security: A Report from the Lab

In-brief: In this Security Ledger podcast, Paul speaks with Sameer Dixit of Spirent Security Labs, a leading tester of connected (“smart”) vehicles. Truly secure, connected vehicles may be years away, he says. In the meantime, security flaws and poorly implemented features are a major issue, Dixit says, with many car companies still preferring bolt on security fixes over secure design. 

Car Infotainment Vulnerability Raises Supply Chain Concerns

Car Infotainment Vulnerability Raises Supply Chain Concerns

In-brief: Researchers from George Mason University and New York University are warning that the software used to link smart phones to in-vehicle “infotainment” (IVI) systems could make cars vulnerable to remote attack. 

The Department of Homeland Security is investing close to $4 million on two projects related to the security of connected vehicles.

One in Five Vehicle Vulnerabilities are ‘Hair on Fire’ Critical

In-brief: One of every five software vulnerabilities discovered in vehicles in the last three years are rated “critical” and are unlikely to be resolved through after the fact security fixes, according to an analysis by the firm IOActive. 

Carnegie Mellon CERT warned that BlueDriver, an aftermarket "smart car" product can open vehicles to remote attack.

CERT: Aftermarket Add-On Opens Cars To Life Threatening Hacks

In-brief: Carnegie Mellon CERT warned drivers that a popular aftermarket product for vehicles could leave them open to potentially “life threatening” wireless attacks. Update: added info on recommended remediation. PFR 4/8/2016

Listen to Security Ledger's interview with Chris Valasek, one of two experts who developed a wireless hack of the Jeep Cherokee.

Podcast: Interview with Car Hacker Chris Valasek of IOActive

In-brief: Security Ledger Editor in Chief Paul Roberts speaks with Chris Valasek, the Director of Vehicle Research at IOActive about the work he and Charlie Miller did to develop wireless based attacks that control the braking, steering and acceleration of late model Chrysler vehicles.