Hankook 24H Dubai kicked off the 2018 endurance racing season with a feast of motorsport.
Last month, Rutgers University and the University of South Carolina released a joint study that, in essence, sounds scarier than it really is.
According to the report, which made the rounds over the Web, a vehicle’s automotive electronic systems are vulnerable in vehicles with direct tire pressure monitoring systems. Why? Because they can be “hacked” wirelessly through the tire pressure monitoring system (TPMS) sensor, which sends information via a wireless signal to the engine control unit, or ECU.
In “Security and Privacy Vulnerabilities of In-Car Wireless Networks: A Tire Pressure Monitoring System Case Study,” the researchers say they were able to do just that.
I contacted several TPMS manufacturers to find out what they thought. The folks at Schrader Electronics Ltd. responded with, shall we say, some doubts about the study’s conclusions. They said the study “raised uncertainty about the security of RF-based tire pressure monitoring systems.”
“While we sincerely respect the opinions of the researchers, we also strongly believe their study makes conclusions which are based on limited knowledge, and in some cases, are incorrect.”
Here are Schrader’s responses to questions about the issue.
Q. Can someone “forge” a TPM sensor and “fool” a vehicle system in thinking it has a low tire?
A. Technically this is possible; however, it is difficult, and certainly not as easy as the researchers suggest. First, it would require a significant amount of time, expensive equipment and knowhow to receive and replicate a proper protocol. Currently, the market has over 147 different protocol variations, which would mean an extensive effort would be required before a forger could start to send the correct protocol and vehicle specific ID, all before they could create a system disturbance. Next, the forger would have to stay within 25–30 feet of the vehicle for “extended periods of time” to cause the warning light to illuminate to the point of creating a false sense of security. The practicality of a forger following someone around, with the purpose of transmitting a false low pressure simply to annoy them, is questionable.
Q. Can someone use the TPM ID to track a driver’s location?
A. This is not only impractical but nearly impossible. TPM sensor transmitters are low signal devices subject to FCC Part 15 and are a Class C device. It is true that the signal is unencrypted, but due to the low signal strength, it would be highly unlikely anyone could read the signal from 130 feet away. It would be even more difficult to successfully read the signal when the vehicle is moving past a fixed location. TPM systems operate on multiple frequencies, data speeds, ID lengths, protocol encoding, etc. If someone was successful in decoding one sensor type, there are over 147 different types currently in operation, and this number increases every day. The complexity in the market not only makes it difficult for this scenario but also impractical. Even the author admits this: “Xu said that while it is possible to track someone by their tire IDs, the feasibility of doing so would be quite low. Someone would have to invest money at putting receivers at different locations," she said. “Also, multiple tire manufacturers have different types of sensors, requiring different receivers. Each receiver in this test cost $1,500.”
Q. The researcher suggests, “With such systems, people just try to make things work first, and they don't care about the security or privacy during the first run of design," Xu said. True or false?
A. Schrader has spent more than 15 years designing and developing TPMS systems. Our product has millions of operating miles in every day field conditions. It is completely incorrect that we “just try to make things work first.” The Automotive Electronics industry has some of the most stringent testing requirements of any industry. Consumer safety and security are first and foremost in the development process, and as an industry, we do not take short cuts. Similarly, in 2010, Schrader launched a public and industry TPMS communications campaign effort designed to raise consumer awareness about the safety, fuel savings, and environmental benefit of tire pressure monitoring systems. The centrepiece of the initiative is a comprehensive three-in-one TPMS Web site with three role-based sections: TPMSMadeSimple.com for drivers; TPMSMadeEasy.com to address aftermarket-specific training and service needs; and TPMSMadeRight.com to assist original equipment manufacturers with quality and technology-based decisions.
Q. The researcher suggests, “Such messages could also be forged. An attacker could flood the control unit with low pressure readings that would repeatedly set off the warning light, causing the driver to lose confidence in the sensor readings. An attacker could also send nonsensical messages to the control unit, confusing or possibly even breaking the unit.” True or false?
A. It is impossible to “break” a transmitter or receiver by sending false or “nonsensical” messages to the ECU. In the hypothetical scenario, someone was successful in “confusing” an ECU; these systems are designed to flag such a fault and indicate the system needs to be repaired. This in no way would compromise a consumer’s safety or security.
In conclusion, Schrader said TPM systems, as currently designed, provide a reliable and safe indication of tire pressure.
“There have been millions of vehicles installed with TPMS over the past 15 years. TPMS is a legislated safety system required on 100% of U.S. vehicles beginning in 2008, and similar legislation is being developed in Europe and the Asia-Pacific countries.
“The National Highway Traffic Safety Administration (NHTSA) estimates that 660 fatalities and 33,000 injuries each year are attributable to crashes caused by underinflated tires. TPM systems are protecting drivers and passengers and ensuring safety each and every day.”
So don't worry. Tire pressure monitoring systems are secure. Now, if only the industry could develop an unbreakable and affordable TPMS sensor...
Hankook 24H Dubai kicked off the 2018 endurance racing season with a feast of motorsport.
Williams Martini Racing is pleased to announce Robert Kubica as its Reserve and Development Driver for the 2018 Formula One season.
Williams Martini Racing is delighted to announce that Sergey Sirotkin will partner Lance Stroll in the 2018 FIA Formula One World Championship.
Yokohama Rubber Co. Ltd. plans to spend $45.5 million to expand production of off-the-road tires at an Alliance Tire Group plant in India. By the end of 2019 the company says production capacity at the site will increase more than 60%, to 91,700 tons.
K&M Tire Inc. founder Ken Langhals likes to remind his 600-plus employees that a customer’s tire order one day doesn’t guarantee another order the next. And that means K&M’s annual dealer conference is an opportunity to provide dealers with help and extra services that set K&M apart from other wholesalers.
The National Tyre Distributors Association (NTDA) recently held its annual conference, which, although traditionally staged in the UK, represents the ongoing current issues in the tire industry throughout Europe (at least until the Brexit negotiations are completed) and attracts an extensive and diverse range of delegates.
I’m tired of talking about the internet, but I might be the only one. It’s a subject that tire dealers talk about all the time, and it doesn’t appear the internet is going out of business anytime soon. There aren’t any future plans to turn it off.
Walt Holland comes from a family of miners. Growing up he worked in the uranium mine his father owned, and he went on to spend 30 years working in Nevada’s gold, silver and copper mines. He eventually became a mine operations manager for Newmont Mining Corp., one of the largest mining companies in the U.S.
Iowa Tire Sales Co. sells tires for everything from lawn mowers to mining equipment. But agricultural tires and the growers who own them are special to store owner Jeremy Howard.
The new M588 heavy duty on/off-road drive tire Toyo Tire U.S.A. Corp. is designed for severe service applications including oil, gas, mining, and logging operations.
Standard Motor Products Inc. (SMP) has added 324 part numbers for domestic and import vehicles to its BWD engine management line.
Chicago Pneumatic Tool Co.’s new CP825C series composite air ratchets are designed to offer high accessibility to tight spaces such as motor engine compartments as well as high speed for fast rundown (280 RPM).
Ford Motor Co. has added spark plugs and tire pressure monitoring system (TPMS) sensors to its Omnicraft brand of replacement parts for non-Ford vehicles.
Due to the Martin Luther King Jr. holiday, Modern Tire Dealer will not publish Hotwire on Monday. Look for the next edition on Tuesday, Jan. 16.
Alliance Tire Americas Inc. (ATA) has established a new organizational structure and named Dhaval Nanavati president.