Cybersecurity

Case Study

A hands-free car kit utilized the Headset, Phonebook Access and Advanced Audio Distribution profiles usually required to realize features such as call handling and music streaming. The same car kit reported occasions of phone book data theft.

Using protocol analysis to examine the Bluetooth implementation, it was found that the wrong security mode had been employed, allowing unauthorized Object Push Profile (OPP) Pull requests to the car kit, resulting in unauthorized download of private data. The correct Security Mode requiring mandatory authentication for the OPP service was enabled.

Further examination of the implementation revealed that the car kit was vulnerable to unauthorized discovery of the device address, a necessary component for the OPP exploit. In this case, the car kit failed to come ouf of discovery mode after successful pairing and remained available to connection to other devices. It was also found that the discovery mode timeout period after unsuccessful pairing was set too long, creating extended windows of opportunity for hostile actors to connect.

These vulnerabilities were successfully corrected, and the car kit’s exposure to data theft was minimized.

The Teledyne LeCroy Solution

The connected car’s attack surfaces are the vectors and targets by which malware or other attacks exploit weaknesses in order to affect a vehicle’s critical safety and non-safety functions. Those attack surfaces include the automobile’s ECUs (airbag, engine, transmission, brakes, lights and body); onboard diagnostic systems; telematics and connectivity transports; keyless entry and anti-theft systems; vehicle-to-vehicle communication and Dedicated Short Range Communications; and infotainment systems.

Teledyne LeCroy’s tools and services examine each of these vectors to ensure that communications security protocols have beenimplemented correctly to limit exposure, and that targeted components are functioning at peak performance and are able to ward offhostile attacks.