Cybersecurity in public transport

01/05/2023

Emmanuelle Saux

Cybersecurity in public transportation

The notion of cybersecurity is very often associated with the hacking of financial or corporate data, but not necessarily with that of vehicles, and more particularly in public transport. And yet, the flaw does exist, and it was an experiment in hacking a vehicle, carried out in 2015, that set the world on fire. It didn’t involve a public transportation vehicle, but the impact was so great that it got things moving in all sectors of transportation. Two computer security researchers hacked into a Jeep Cherokee remotely, whereas until then it had only been done from inside the vehicle. The video is particularly explicit, and shows how the two American researchers managed to connect to the vehicle’s data, to take control of many functions, even cutting the transmission while the vehicle is being driven on the highway. No damage is to be deplored since this was done as part of an experiment, but the adventure has generated a lot of concerns. Fortunately, these concerns led to the implementation of regulations requiring manufacturers to control the level of computer protection of new vehicles.

How is it possible to enter the data of a vehicle?

The above example is worrying because the hacking was done remotely, which implies that the internet network connecting the vehicle to the data server becomes a gateway for potential hackers, who no longer need to manually connect to a simple plug. Today, we are all surrounded by connected objects and it is impossible to stop the development of the IoT (Internet of Things) which is exploding every year.

In an urban transport vehicle, in our case a bus, the data relating to the vehicle are transmitted in real time via a gateway or communicating platform, which are received on data processing servers. The upstream data is used to meet the various needs of the vehicle’s operation: kilometers traveled, range, stop times, etc… all this data is sent up via the Internet network to feed the operation server.

The downstream data, software updates, integration of a patch, etc… are then used for the maintenance of the vehicle for example, and are often carried out thanks to a diagnostic suitcase to enter the system. In this case, there are 2 input ports: the standard OBD “On Board Diagnostic” socket or on the communicating box.

With 2 physical inputs and 1 virtual input to access the vehicle’s data, it is clear that the implementation of computer security is crucial to avoid any hacking.

You could also consult

Un nouvel ennemi dans l'air : La nanoparticule

0 %

of transit agencies have a cybersecurity strategy in place

Source : Mineta Transportation Institute (MTI)

0 %

of cyber attacks in 2021 were in the transportation sector

Source : Rapport IBM Security X-Force Threat Intelligence Index 2022)

What are the risks of vehicle hacking?

A cyber attack on an urban transport vehicle can easily be compared to a hostage situation, or even worse to a terrorist attack, if the hackers have bad intentions. The hackers would take partial or total control of the vehicle and its passengers, and could divert it from its usual path, causing numerous traffic accidents with all the dramatic consequences that this would entail. This is of course the most extreme case, but the one that causes the most concern for operators and public authorities.

Other risks, less tragic but just as dangerous, are also to be taken into consideration. Hackers would have the ability to enter the transportation network server via a vehicle to which they have connected, and could bring the entire transportation network to a halt, causing widespread panic. Finally, hackers could simply enter the vehicle’s system to send false information and, for example, steal the vehicle while it still appears on the operator’s network.

All of these risks are subject to extreme scrutiny by manufacturers who implement numerous security systems to ensure the reliability of their products and to meet regulatory requirements (see below).

How have the laws incorporated these risks?

In the context of the harmonization of vehicle regulations (UNECE WP.29), two new laws have been put in place covering these key topics: Cybersecurity (R155) and Software Update (R156).

The R155 regulation is a risk analysis method listing a set of threats related to cybersecurity. The objective of this regulation is to take into consideration both on-board threats (penetration of the bus’s internal communication exchanges) and off-board threats (in particular the interception of data transmission from the bus, or the direct attack on data storage servers). The measures that are and will be implemented will be subject to an external audit by a recognized state organization (UTAC, Bureau Veritas…) in order to guarantee that the bus complies with cybersecurity requirements. This regulation is mandatory since July 6, 2022.

The R156 regulation obliges bus manufacturers to demonstrate compliance with the new requirements for vehicle software versions and how they are managed. Like R155 for cybersecurity, manufacturers must demonstrate traceability of software components throughout the vehicle’s lifecycle. These new rules, required by law for any new vehicle approval, also impact suppliers and other supply chain actors. Indeed, any software update to be deployed by a manufacturer on a vehicle, whether developed in-house or provided by suppliers supervised by the manufacturer, requires a specific set of activities depending on its impact on the vehicle’s certified systems.

How does SAFRA manage cybersecurity on its vehicles?

Data protection is a very sensitive issue and is at the center of all SAFRA teams’ attention, regardless of the service. We have taken cybersecurity into account on our Hycity (hydrogen buses) and H2-pack (hydrogen retrofit kits for intercity buses) programs from the start, and we have instructions to avoid any behavior that could present a risk. This internal rigor is required of our suppliers in the same way, by putting in place high levels of protection.