Skip to main content

Vehicle cybersecurity aims to protect drivers, cargo from hackers

Sam Hollifield displays a prototype of the Secure Hijack, Intrusion and Exploit Layered Detector, or SHIELD, the device monitoring the cybersecurity of the semi-truck. Credit: Lena Shoemaker/ORNL, U.S. Dept. of Energy

As vehicles gain technological capabilities, car manufacturers are using an increasing number of computers and sensors to improve situational awareness and enhance the driving experience. Sam Hollifield, a cybersecurity research technical professional at the Department of Energy’s Oak Ridge National Laboratory, applies his background in cybersecurity to understand vulnerabilities in vehicles and find technical solutions to prevent cars from being hacked.

“Automobiles today are incredibly sophisticated and rely on a lot of processing and computation power to function. Their networks contain a wealth of information and manage the critical functions to drive the vehicle,” said Hollifield. Automobiles pose a unique challenge: Most people in the United States own at least one and often leave them unattended for long periods. Cars have become a familiar target for hackers, offering easy access to an insecure data center on wheels.

Over the past several years, media stories have reported of hackers remotely taking control of a car, threatening the safety of the driver. Hollifield explained in a recent episode of the Crossdock podcast how 70 to 80 little computers in a vehicle connect to each other using a system called the controller area network, or CAN, bus. Whether it’s a passenger vehicle or a large, high-interest cargo truck, the CAN bus communicates information from the sensors and driver to control the vehicle and is a trove of data for hackers to steal.

At ORNL, Hollifield looks at security technologies for the CAN bus of heavy-duty on-road trucks that carry radioactive material, focusing primarily on cybersecurity for in-vehicle networks and secure implementations of smart packaging. “I want to understand the vulnerabilities that can impact safe transport so we can monitor, alert and respond to threats during movement,” he said.

One technology Hollifield and his team are working on to defend against automotive threats is called SHIELD, or Secure Hijack, Intrusion, and Exploit Layered Detector. The detector box, which is smaller than a loaf of bread, connects directly into the vehicle to monitor, detect and possibly prevent intrusion into the CAN bus. The system notifies the driver, company dispatch or law enforcement if an attack is detected, further protecting high-interest cargo.

Hollifield found his way to cybersecurity for vehicles through mentorship at ORNL.

In 2017, Hollifield explored a research career through the Oak Ridge Institute of Science and Education’s SULI program. “My mentors, Michael Iannacone and Robert Bridges, guided me through the world of automotive electronics and applied mathematics for cybersecurity,” he said. “Many of the tools and skills that helped me to be successful in the field were gained at ORNL.”

He believes anyone with a solid understanding of programming, statistics, embedded hardware and automotive systems could find success in this area. Ultimately, he noted the most important trait is persistent curiosity and a passion to completely embrace and understand a problem. “In my experience, the most necessary skills can be taught to someone with an inherent interest and ability to take ownership of a problem.”                                      

Tips on buying new cars

Consumers can take steps to understand the technology in a new car and to protect their information. For Cybersecurity Awareness Month, Hollifield shares the following tips for drivers to be better informed about vehicle vulnerabilities, especially in newer cars with the latest tech:  

• Be cognizant of any information provided to the infotainment system, especially when test-driving a car. Even pairing a phone can expose contacts and addresses to the vehicle. Deleting this information from the vehicle may not always completely erase it.

• Conduct your own research into a car’s vulnerabilities, specifically looking at the year, make and model. Don’t rely on the car dealer to tell you the issues. Car companies don’t always like to advertise when they are being hacked.

• While doing research, try to determine if the vehicle manufacturer has responded to a cyberattack. If so, how did they react? Did they publicly disclose the vulnerability and issue a recall or update? Use this information about the manufacturer to determine if it meets your level of comfort as a car owner.

• If you’re technical and want to get hands-on, bring an automotive network sniffer and test the car prior to purchase. Modern vehicles should not broadcast network data from the On-Board Diagnostic port. This is a simple test to determine if the manufacturer observes best practices.

UT-Battelle manages ORNL for the Department of Energy’s Office of Science, the single largest supporter of basic research in the physical sciences in the United States. The Office of Science is working to address some of the most pressing challenges of our time. For more information, please visit — Liz Neunsinger