author photo
By Bruce Sussman
Tue | Apr 2, 2019 | 8:25 AM PDT

A team of security researchers who have been hacking Tesla vulnerabilities for a while now have announced the kind of hack that will surely work its way into a Hollywood movie script.

They claim to have hacked Tesla's Autopilot system, gaining the ability to adjust the steering and send the car into oncoming traffic.

It's an autonomous vehicle worst case scenario.

And it reminds us of what Bruce Schneier told us at SecureWorld Boston: "The internet is about to start killing people, and government regulates things that kill people."

Schneier clearly expects more regulation when it comes to IT security, as a result of what is at stake. And what's at stake was demonstrated in this latest Tesla hack proof of concept.

Hacking the Tesla Autopilot

Tesla's Autopilot system uses cameras, ultrasonic sensors, and radar. In addition, Tesla Autopilot comes loaded with computing hardware that allows the vehicle to process data using deep learning to react to conditions in real-time.

The research team from Tencent Keen Security Lab was able to reverse engineer the services and communication paths involved in the CAN Bus system that controls Tesla's Autopilot, and it found the "DasSteeringControlMessage" was a key component of control.

Researchers say after hitting some dead ends, they tried injecting a command and it worked.

"Finally, we figured out an effective solution: dynamically inject malicious code into cantx service and hook the “DasSteeringControlMessageEmitter::finalize_message()” function of the cantx service to reuse the DSCM’s timestamp and counter to manipulate the DSCM with any value of steering angle."


Tesla features controlled by a game controller

In plain English now, the researchers actually hooked a game controller to a mobile device and were able to use the game controller to control the Tesla, as follows:

  • When the car is parked, we can take control of the steering system with no limitations.
  • When the car has been switched from R (Reverse) mode to D (Drive) mode by shifting handle, the APE (Autopilot) seems to think the car is in APC (Automatic Parking Control) mode, which allows us to control the steering system at a speed of around 8 KM/H.
  • When the car is in the ACC (Adaptive Cruise Control) mode with a high speed, the steering system can be also controlled without limitations.

The hacking team then had the ability to steer the car into oncoming traffic at high speed, which sounds like a movie—although this is real life.

This research is the latest piece of evidence that cybersecurity and physical security will be increasingly linked in the future.