A new technical paper titled “On the Feasibility of Remotely Triggered Automotive Hardware Trojans” was written by researchers at Georgia Tech.
“In this paper, we discuss how Hardware Trojans can act as the physical access intermediates to allow the remote triggering of malicious payloads embedded in ECUs, through seemingly benign wireless communication. We demonstrate a proof of concept ECU hardware trojan (HT) on a RISC-V based processor emulating an ECU. The HT takes advantage of benign radio functionality, emulated by TCP packet transmission, to provide a triggering pathway for disabling the ECU and thus, the host vehicle. This attack vector, enabled by deep and often opaque international supply chains common in the automotive industry, provides a stealthy way to conduct both targeted and fleet-wide remote attacks against vehicles,” states the paper.
Find the technical paper here.
Moschos, Athanasios, Kevin Valakuzhy, and Angelos D. Keromytis. “On the Feasibility of Remotely Triggered Automotive Hardware Trojans.” 2022.