[ISN] F1 on hacker alert

From: InfoSec News (isnat_private)
Date: Wed Feb 27 2002 - 23:22:23 PST

  • Next message: InfoSec News: "[ISN] Security UPDATE, February 27, 2002"

    http://www.themercury.news.com.au/common/story_page/0,5936,3856055^421,00.html
    
    27feb02
    
    FORMULA One teams are on full-scale alert to stop computer hackers
    causing havoc with cars in Sunday's Australian Grand Prix. New rules
    introduced to F1 this year allows teams to use computers to control
    all electronic aspects of the car while it is actually involved in the
    race.
    
    The technology, called bi-directional telemetry, allows engineers to
    make changes to the car while it is on the track.
    
    But it has also increased the risk of computer hackers turning F1 into
    a real-life video game by breaking into systems and taking control of
    key aspects of the car.
    
    "There is potential for that," admits Williams chief operations
    engineer Sam Michael.
    
    "There's potential that if your system's not coded properly, you could
    have a situation where it gets false messages.
    
    "If it happened, the biggest danger you would have is a change on the
    engine side - detonating the engine."
    
    Bi-directional telemetry is not new to F1.
    
    It was banned from the sport in 1993, but F1's governing body voted to
    reintroduce it this year, starting with Sunday's season opener in
    Melbourne.
    
    The key to bi-directional telemetry is an aerial on the side of the F1
    car, which sends data through a microwave link back to computers in
    the pits.
    
    The data is assessed and engineers decide if any changes should be
    made to key areas such as differential and traction control, power,
    fuel and oil consumption.
    
    The driver is warned of any incoming changes from the pit via a
    display on his steering wheel, then presses a button to acknowledge
    the changes being made.
    
    Jordan team technician Gilles Flaire, a former French secret service
    agent, believes the bi-directional telemetry could face attack from
    hackers during a race weekend and cause "a disaster".
    
    "If the bi-directional telemetry allows those in the pits to control
    essential parameters of the car, it will be possible to interfere in
    the systems through devious methods," he told this month's Sport Auto
    Moto magazine.
    
    "It will be difficult to spy, but easy to distract the radio
    communications between the car and pit. "In addition, it will be easy
    to hide or mask the original message by preventing it from reaching
    its final destination.
    
    "Eventually, if someone will be so good to find the signal that blocks
    everything, it can and will create a disaster." But F1 teams have
    introduced complex safeguards along with the technology to keep
    would-be hackers at bay.
    
    Pre-set secret codes for those authorised to make changes, encrypted
    data to ensure other teams can't access information and built-in
    limits on the amount of changes that can be made at any one time are
    what teams are banking on to keep their multi-million dollar cars
    secure.
    
    "There's a lot of things you can put into place to try and stop it
    (hacking), by having pre-set codes before a computer receives an
    instruction, and that's probably the best thing you can do," Michael
    said.
    
    "In terms of someone blocking your frequency to stop a message coming
    through, there's not much you can do about that.
    
    "But for them to send a command that makes it change a command that
    you don't want it to change, they would have to have some type of
    inside knowledge to your company because everything's coded.
    
    "It has to receive a certain message before it changes anything."
    
    Computer hackers have already had a taste of F1.
    
    Renault admitted last year that hackers had broken into its system and
    stolen designs for its 2001 car.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.
    



    This archive was generated by hypermail 2b30 : Thu Feb 28 2002 - 02:17:56 PST