By Colleen Kave, J.D.
The House Energy and Commerce Committee has requested that the National Highway Traffic Safety Administration (NHTSA) convene an industry-wide effort to develop a plan of action for addressing the risk posed by the existence of On-Board Diagnostics (OBD-II) ports in the modern vehicle ecosystem, according to a letter addressed to Mark R. Rosekind, the agency’s administrator. Citing the increasingly effective and increasingly frequent attacks on the internal networks of automobiles through the use of OBD-II ports and the devices that connect to them, the Committee asked NHTSA to provide a plan of action no later than October 12, 2016, and to be available for a briefing by October 19, 2016 (House Energy and Commerce Committee Letter, September 12, 2016).
According to the Committee, data gathered by information security researchers demonstrates the ways in which OBD-II ports can be used to attack the internal networks of vehicles and force them to behave in erratic and unsafe ways. Such breaches can override built-in safeguards within a vehicle’s network and, for example, activate the parking brake or turn the steering wheel. Because devices that connect to an OBD-II port may influence the vehicle’s physical behavior and observe vehicle data, vehicles and passengers are subject to substantial risk if the port’s direct connection to the internal network is compromised. At the same time, the letter asserted, OBD-II ports and the access they provide serve as integral tools for repair shops, the aftermarket industry, vehicle hobbyists, and others who rely on the ports in order to carry out repairs, provide consumer benefits, and perform vehicle maintenance. Any changes to the current port design could have severe consequences for these industries and indivicuals.
In light of the fact that OBD-II ports have grown beyond the original purpose, which was to allow the vehicle emissions tests required by the Clean Air Act, creating a growing risk to the safety and security of passengers, the Committee suggested that NHTSA formlate a plan to facilitate an open and collaborative process for all interested stakeholders to discuss the strongest and most equitable solution to the cybersecurity challenges presented.
MainStory: TopStory MotorVehiclesNews
Interested in submitting an article?
Submit your information to us today!Learn More