Interviewbuch 2012 englisch Seite 40

Hinweis: Dies ist eine maschinenlesbare No-Flash Ansicht.
Klicken Sie hier um zur Online-Version zu gelangen.

Inhalt

Felix Lindner  Sandro Gaycken   Recurity Labs FU Berlin 41 automotiveIT 2012 yed no role in the conception phase of all the so called smart versions that exist in our world and society You can see the results Would you get into a networked vehicle Lindner Yes but only to play with it not to drive it You could compare the secu rity standard for car IT today with that of university networks in the 1980s There is none Nothing keeps hackers from doing what they want Even sensible innovations such as tire pressure monitoring show weak points because the information re aches the vehicle via a wireless protocol If you know how it works you can use this kind of interface to directly access the CAN bus the central control unit of every auto mobile No one is thinking about security in product design either For example in one of its sedan models one automaker led the CAN bus into the exterior mirrors so that they could be easily adjusted from the cen ter console But the same network controls the door lock unlock and engine on off functions Thieves only have to kick away an exterior mirror and connect a computer to the cable and the car is stolen without breaking in a window without scratches on the door lock Do you have any recommendations to eliminate such misuse in the future Lindner Quite easily Stop linking things together as a matter of course There is no good reason for the engine control to have to communicate with the entertainment system In the current state of affairs it is still possible to de network this kind of car IT The more the value chain progresses the more difficult it will become Automa kers that buy and install entire systems can not possibly judge the components level of security Gaycken Automakers should give careful consideration to which parts of the pro ducts they want to network For quite some time it has not made sense to network just because it s possible Each entry into a lar ge network is a potential security risk that must be appropriately evaluated One thing is clear the current experience with critical infrastructure such as power plants energy companies and electric and transportation networks will reach the automobile in a few years Political leaders will take a very close look at vehicle security and provide appropriate regulation Interview by Ralf Bretting and Hilmar Dunker