Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Transportation

Automakers Are Locking the Aftermarket Out of Engine Control Units (roadandtrack.com) 175

This month Road & Track looked at "increased cybersecurity measures" automakers are adding to car systems — and how it's affecting the vendors of "aftermarket" enhancements: As our vehicles start to integrate more complex systems such as Advanced Driver Assist Systems and over-the-air updates, automakers are growing wary of what potential bad actors could gain access to by way of hacking. Whether those hacks come in an attempt to retrieve personal customer data, or to take control of certain aspects of these integrated vehicles, automakers want to leave no part of that equation unchecked. "I think there are very specific reasons why the OEMs are taking encryption more seriously," HP Tuners director of marketing Eddie Xu told R&T. "There's personal identifiable data on vehicles, there's more considerations now than just engine control modules controlling the engine. It's everything involved."

In order to prevent this from becoming a potential safety or legal issue, companies like Ford have moved to heavily encrypt their vehicle's software. S650 Mustang chief engineer Ed Krenz specifically noted that the new FNV architecture can detect when someone attempts to modify any of the vehicle's coding, and that it can respond by shutting down an individual vehicle system or the vehicle entirely if that's what is required.

That sort of total lockout presents an interesting challenge for [car performance] tuners who rely on access to things like engine and transmission control modules to create their products.

Last month Ford acknowledged tuners would find the S650 Mustang "much more difficult," the article points out. And they add that Dodge also "intends to lock down the Engine Control Units of its upcoming electric muscle car offerings, though it will offer performance upgrades via its own over-the-air network."

"We don't want to lock the cars and say you can't modify them," Dodge CEO Kuniskis told Carscoops. "We just want to lock them and say modify them through us so that we know it's done right."

Thanks to long-time Slashdot reader schwit1 for submitting the article.
This discussion has been archived. No new comments can be posted.

Automakers Are Locking the Aftermarket Out of Engine Control Units

Comments Filter:
  • A good strategy (Score:5, Insightful)

    by Mr. Dollar Ton ( 5495648 ) on Sunday November 27, 2022 @03:54AM (#63082542)

    Customers should be vendor-locked and made to pay through their nose. What do they think, someone owes them "competition" and "fredums"? Pay up, or GTFO! My jet fleet won't pay for itself.

    • Just replace the whole ECU with a better one.
      • Re: A good strategy (Score:5, Informative)

        by DamnOregonian ( 963763 ) on Sunday November 27, 2022 @04:40AM (#63082582)
        I don't think that's been an option for cars for a long time, now.

        I mean sure- it's a technical possibility, but it isn't the 80s anymore. An ECM handles a lot more than ignition and fuel delivery.
        To develop an aftermarket ECU that can actually handle all the functions of the stock one is going to take some serious reverse engineering.

        I did some reverse engineering on my last Mustang (1999) to get access to the ECM's individual cylinder misfire counters, and even on that thing, I discovered that it handles the silliest shit, like my window rolling down a quarter inch when I lift the door latch so that it doesn't wreck the convertible top.

        The "Door Computer" is actually nothing but a an interface breakout from CAN to the local direct electronics.
        • Re: A good strategy (Score:4, Interesting)

          by PsychoSlashDot ( 207849 ) on Sunday November 27, 2022 @06:55AM (#63082744)

          I don't think that's been an option for cars for a long time, now.

          No, that's how it's being done on the current generation of muscle cars. You can buy unlocked ECMs from various performance ships. Those have been hacked to allow modifications.

          • Re: A good strategy (Score:4, Informative)

            by DamnOregonian ( 963763 ) on Sunday November 27, 2022 @08:47AM (#63082892)
            That's not what they're suggesting.

            This article is about "unlocking" ECMs being on the cusp of being a lot harder to pull off.
            It's easy to imagine how they can do that. Start using SoCs that require cryptographically signed firmwares to boot.

            Current generation "locked" ECUs are not really protected at all.
            They just require OBD software to submit a password before functionality is unlocked. Modifying one to be unlocked simply means re-flashing it with the password blanked out.

            Right now, there's no *real* work on those ECMs to ensure code and data integrity.

            For this reason, parent was suggesting you simply get a "better ECM", i.e., an pure-aftermarket solution... which is technically feasible, but also practically infeasible.
            • For this reason, parent was suggesting you simply get a "better ECM", i.e., an pure-aftermarket solution... which is technically feasible, but also practically infeasible.

              It depends on the level of integration, and what you're willing to give up and/or swap out. There's no reason why you can't buy a PCM from Haltech, and build a harness to connect it into your vehicle. You'll have to swap it back for emissions testing if you've got an ICEV. You might have to add an ignition switch system of some kind. You may have to retrofit a new control system for the door latches and locks. It's all doable, though the PCM is expensive. But that raises the question, why bother? If you're

              • It depends on the level of integration, and what you're willing to give up and/or swap out

                100%.

                What you give up is more than you think on any modern car. The example I gave, is the ability to roll your windows up and down on my last car.

                Obviously you can re-implement everything in the car controlled by the ECM, but realistically- that's simply not going to happen.

                People with money and the desire to go faster swap PCMs in modern cars all the time.

                Almost* always, that's done by using a flashed (by software, or a tuning ECM provider) stock ECM, so that all of the functionality is still there, it's just password unlocked so that you can play with it.

        • I did some reverse engineering on my last Mustang (1999) to get access to the ECM's individual cylinder misfire counters, and even on that thing, I discovered that it handles the silliest shit, like my window rolling down a quarter inch when I lift the door latch so that it doesn't wreck the convertible top.

          That sounds very 1999. My 2020 BMW has various discrete modules for all those things, lots of them actually. Windows would be in the BDC (Body Domain Controller, no pun intended), probably specifically the FEM (Front Electronics Module), but most certainly not in the DME. My coding software tells me what modules handle what. Some functions do require flashing more than one module.

          https://www.bmweg.com/bmw-modu... [bmweg.com]

          I love being able to code everything the factory can in all those modules, and would p

          • Sounds very similar to what my buddy describes for his X6 M (unsure on the year, but I think around start-of-pandemic)
            • Undoubtedly much the same. I love how customizable these cars are through coding. Even if they feel they must lock down the engine management portion, I would be very sad if they do the same for everything else. At least that leaves piggybacks. Custom transmission mapping (XHP), and AWD system tuning (xDelete) would also be very much missed.
          • Your BMW also has multiple networks of AUTOSAR ECUs. Many manufacturers use this architecture. Where things blow up for 1337h4x0r5 is the CAN signals. In AUTOSAR, every ECU on a network contains a copy of the signal database. If any ECU is replaced, it must have the same version of the SDB loaded onto it or the ECU will be a babbling idiot on the network. This will cause many ECUs to start throwing DTCs and break all kinds of functionality.

      • Re: A good strategy (Score:5, Interesting)

        by monkeyxpress ( 4016725 ) on Sunday November 27, 2022 @05:14AM (#63082622)

        Just replace the whole ECU with a better one.

        Stock engine upgrades don't really make sense now anyway. Sure you might be able to unlock a few more HP, but it will most certainly be at the expense of your vehicle's ability to pass an inspection (i.e. emissions control) and/or the reliability and life of the engine. For the gains you get, it just doesn't seem worth it.

        Another thing is that performance is pretty cheap these days. If you have the money to play around with high performance road vehicles, then just get a dedicated track/rally car. You can get some decent early 2000s hot hatch and rebuild and engine for pretty cheap these days to get something that goes really well. Ripping around a track in a car that you can beat up (a little bit) is way more fun than getting 0.5 seconds off your quarter mile time on a vehicle that you'll spend most of the time stuck in traffic or pottering around at 30mph. Additionally, many countries still have extremely generous exemptions for emissions, noise etc if you have a road 'legal' rally car compared with a family car that you're trying to hot up, and typically track vehicle road insurance is significantly cheaper than trying to insure your modified road car. It's a much easier way to go about things and a lot more fun.

        • You're daft. LS swaps are nearly ubiquitous now. If you can swap it into the engine bay, there's a company out there selling a supporting wire harness/harness interface + tune for you. Only thing you'll lose is traction control in most cases. There are still LS swap kits for the Miata out there:

          https://v8roadsters.com/produc... [v8roadsters.com]

        • ...you'll spend most of the time stuck in traffic or pottering around at 30mph.

          What? Did they put systemd on cars now?

      • Re: A good strategy (Score:5, Interesting)

        by TheGratefulNet ( 143330 ) on Sunday November 27, 2022 @08:07AM (#63082826)

        for gas cars, maybe.

        electric cars? essentially never.

        (I work in the field and write fw that runs on ecus)

        guys, we (the industry) cant even get our own ecu fw and hw right. you think you're going to dev sw, build and test it and flash it?

        no. just no. not for the new breed of cars.

        along with that, expect CAN, eth, and the rest to be encrypted. and for good reason. lots of bad actors out there and breakins and other nonsense has to be guarded against.

        its not that they dont want you to enjoy your car, but the game is nowhere near the same as it once was. its almost all software now. swapping the same part but with older fw may be as bad as swapping in a dead brick.

        and as fw updates happen FOTA style, again, your modded ecu is not going to play well.

        those days are over. deal with it.

        • Re: A good strategy (Score:4, Interesting)

          by inode_buddha ( 576844 ) on Sunday November 27, 2022 @08:38AM (#63082880) Journal

          I work in the field too, I do corporate fleet and heavy equipment maintenance. The days of you guys getting my money are over (my employer can pay thru the nose, and they do...)

          Electronic control is a disaster waiting to happen, either via planned obsolescence, bad caps, or EMP events. To say nothing of the huge expense. Think $30 wheel bearings vs $300 wheel bearings, and the both have the same mechanical lifespan.

          Which is why my own equipment is out of the stone age, and can be fixed by anyone with ordinary tools and supplies. While my employer is spending millions every quarter on industrial engine controls, my rig is often the only thing that actually runs and works that day, in all kinds of weather. No, it doesn't get the best gas mileage -- that is the trade-off, and its worth it for stone-hammer reliability.

        • Re: A good strategy (Score:5, Informative)

          by GameboyRMH ( 1153867 ) <gameboyrmh@@@gmail...com> on Sunday November 27, 2022 @11:14AM (#63083076) Journal

          This is what talking about guarding an ECU against a remote exploit sounds like:

          https://xkcd.com/463/ [xkcd.com]

          The electronics for vehicle systems should be airgapped against the entertainment systems that may be connected to the Internet and other wireless communications. If you must do OTA updates (although it seems like the only way to win that game is not to play and to just let the driver plug a flash drive into a reflash port), the vehicle should have to be put into a maintenance mode to do this where the update is staged on the entertainment system and then when the vehicle goes into maintenance mode, the entertainment system is connected to the ECU and disconnected from all other communications during the reflash, which the user confirms (to prevent any accidental reflashes with possibly malicious code). This is in no way less secure than going full John Deere on every system in the vehicle and allowing unattended OTA updates, unless the aim is to build DRM rather than secure the system against attackers. At some point before that vehicle is scrapped it will stop getting updates, and if remote access is part of the attack surface that will make it vulnerable to security issues. If your signing keys are broken with a quantum computer, or more realistically, eventually leaked, the car would then be less secure than it would be with the maintenance mode switch.

          its almost all software now. swapping the same part but with older fw may be as bad as swapping in a dead brick.

          Sounds like bad design. It should be easier to make software communicating over standardized networks more widely compatible than hardware bits using odd electrical signals. Software should be able to detect version differences and go into a backwards-compatible mode or at least a safe mode for some minimum level of operation.

          Every car I've bought with an ECU either has the ECU reflashed or replaced with an aftermarket unit, and I don't think I'd buy a vehicle where at least one of those isn't an option. Hopefully once the EV industry realizes they aren't making smart TVs and starts engineering electronic systems more like the aerospace industry, this phase will pass and sensible separation of duties into different components will come back so that specific components can be reflashed or replaced to change specific functions.

          And why should gas cars have a different level of ECU integration into the rest of the car than an EV anyway? If you're going to excessively integrate it for no good reason, the powertrain type shouldn't matter. This isn't an EV issue, it's a careless Silly Valley design practices seeping into cars issue.

          • "careless Silly Valley design practices seeping into cars"

            what do you think the imbecilic valuations are about? all wall street sees is that hordes of relatively untrained hungry workers can blodge together something that barely works but people will buy anyway, and thinks you can also do that in literally any industry except software "engineering".

            expect to see a lot more of this (and a thunderous whomp when the clouds fall). you can't convince someone of the truth when their livelihood depends upon the fa

    • by Potor ( 658520 )

      Customers should be vendor-locked and made to pay through their nose. What do they think, someone owes them "competition" and "fredums"? Pay up, or GTFO! My jet fleet won't pay for itself.

      Owing a car used to represent freedom. Now, not owning one seems to.

  • by Miles_O'Toole ( 5152533 ) on Sunday November 27, 2022 @03:55AM (#63082544)

    There is no necessity for personally identifiable data to be kept on car computers, and long-standing precedent has established that "at your own risk" means exactly that when modifying a manufacturer's settings. Burn out your CPU because you didn't overclock it quite right and see how far you get demanding a free replacement from the manufacturer.

    This is the latest corporate assault on Right to Repair, pure and simple.

    • You are correct that a vehicle needs not one bit of personal data. However, unless I'm mistaken, when you use the vehicle as an interface to your mobile phone, all that personally identifying information gets stored in the vehicle unless you specifically delete it. Call me a Luddite, but I'll never tether.
      • In my car, the screen is just a U/I to my phone. My contacts etc are not stored in my car.

        Ymmv.

        • by sinij ( 911942 )
          I was recently driving a new loaner car and was shocked the car asked me to sign in. W T F! Thankfully it is still drove when I ignored it.
    • No, this is the result of all of us allowing hackers to run free. In a civilized world you shouldn't have to lock down a computer just because it is connected to a network. We shouldn't need security software. Data collection brokers should not exist.

      But they do exist. They are everywhere. If they can hack your car and make it crash they will. This is the result.

      Imagine needing an armed security escort everywhere you go, even in your own house. But you don't have to imagine this if you have been on th
  • by sonamchauhan ( 587356 ) <sonamc@NOsPam.gmail.com> on Sunday November 27, 2022 @04:13AM (#63082556) Journal

    So we get rid of the competition. And instead offer you a web based tool to tune your car via over the air updates. Very cheap for us to run. For you Mr consumer, it'll cost a fair bit more. And it'll be a subscription. Remember to cancel when your car is totalled.

    Hey, it's not all bad. We'll even introduce cutting edge computing concepts.

    Like "Gamification": "You are big spender #2345. Spend some more!"

    And yes, "loot boxes": "Oh, you wanted RPM? You got voice operated windows. Try again!"

    • by davecb ( 6526 ) <davecb@spamcop.net> on Sunday November 27, 2022 @11:13AM (#63083068) Homepage Journal

      We don't want you connecting your devices to our telephone lines, you could break them.Tell us what you want and we'll sell it to you.

      Oh, a MOdulator-DEModulator? No, we don't think you should have MODEMs. You might send computer signals over our lines...

    • It might not even cost more money, tuners can be pretty expensive. The question is why you would need one any more. Check out the ratings on the modern American light duty diesels, they are totally bananas:

      2022 Duramax: 6.6l, 445 hp/910 lb-ft.
      2022 Powerstroke: 6.7l, 475/1,050
      2022 Dodge (Cummins ISB): 6.7l, 420/1,075

      Holy shitballs batman, how long can they run like that? Not long, I'm guessing.

      The gassers are pretty pissed off too...

  • by peppepz ( 1311345 ) on Sunday November 27, 2022 @04:42AM (#63082584)
    Leaving aside the issue of regulatory compliance, it's perfectly OK to use encryption and digital signatures to prevent the end user from getting hacked. As long as the user can get control of the keys if he wants to. That's the bit that corporations usually miss when they talk about lockdown of devices "in the interest of the user".
  • by DrXym ( 126579 ) on Sunday November 27, 2022 @04:53AM (#63082596)
    That's the reason / excuse for this. Of course we have seen how car manufacturers are figuring out ways to be absolute dicks to their paying customers, hiding features behind paywalls and so forth.
    • That's the reason / excuse for this. Of course we have seen how car manufacturers are figuring out ways to be absolute dicks to their paying customers, hiding features behind paywalls and so forth.

      Yup.

      "And they add that Dodge also "intends to lock down the Engine Control Units of its upcoming electric muscle car offerings, though it will offer performance upgrades via its own over-the-air network."
      "We just want to lock them and say modify them through us so that we know it's done right."

      It's not.

  • Lock lock lock. That's all they think about these days.

    Maybe it's some sort of subconcious bondage thing with them.

    • Oh, yes, yes, yes! I've been a very, very naughty boy & I need to be punished! - Or could just be corporations finding more ways of increasing profits for their shareholders. Maybe a bit of both? Who knows!
    • I'm all in favor of some autoerotic asphyxiation for them.

      Lock them up in a large garbage bag and ... well, that's as far as I got with that idea, come back to me in a week. And take the trash out on your way out, be so kind. I can't lift more than 100 pounds.

  • .. you wanted to oust cyber security threats in general, so why leave the car open?

    UNECE R155 and R156 are basically the answer to the calls for better cyber security, that it goes along with the greed of car makers is another "feature".

  • Too many gizmos (Score:4, Interesting)

    by VeryFluffyBunny ( 5037285 ) on Sunday November 27, 2022 @05:45AM (#63082648)
    All those screens, blinky lights, voices, "cloud" stuff, driving "modes", remote controls, etc. are just more things that can go wrong & many of them are adding unnecessary vulnerabilities, including corporate exploitation, to your mode of transport. Why do it?
    • Re: (Score:2, Interesting)

      by Anonymous Coward

      Why do it?

      Profit generation for shareholders, of course.

      Even just twenty years ago you could buy a car and it would serve you "just fine" for ten or twenty years. Car makers want repeat business, though, they want you buying far more frequently than once every ten or twenty years.

      Since the introduction of the iPhone in 2007 car markers have been paying special attention to the smartphone markets and are tripping over themselves to fill cars up with computer-driven electronics, fancy screens and flashy software - not

    • Well, some of those "gizmos" are actually sensible additions to the car. Sensors measuring your combustion can save you fuel and make your car run smoother, sensors detecting problems can make repairs cheaper by telling you to replace part A before it causes parts B, C and D to fail in a cascade, and of course a lot of safety sensors from steering aid to ABS give you better control, especially in those dangerous situations. And if they all fail, the whole rest of security stuff keeps you alive, hopefully, i

  • Looks like you dodged that bullet.

  • "We just want to lock them and say modify them through us so that we can charge you more money for it." Fixed that for you...
  • by sinij ( 911942 ) on Sunday November 27, 2022 @07:58AM (#63082816)
    One example where there is a case for aftermarket tuning is when auto manufacturers sell the same engine with different tunes. At the same time you have idiots tuning their cars to make obnoxious backfire noises or even worse programmatically increase boost until engine is about to fail on a leased car.
  • Instant improvements (Score:4, Interesting)

    by markdavis ( 642305 ) on Sunday November 27, 2022 @08:05AM (#63082822)

    I flashed a proper third-party tune to my motorcycle 9 years ago. It instantly:

    1) Improved my fuel mileage by about 10%
    2) Got rid of a large power loss band between 2K and 5K RPM
    3) Made the throttle far less "twitchy", improving control
    4) Made shifting much easier

    So I then had a more powerful, safer, easier-to-drive, smoother, and more fun vehicle. So why didn't the manufacturer do that? Because they tune for the lowest common denominator and never offered any updates. Once they sell the vehicle and it doesn't have gross liability or defects, they don't care anymore. 4 years ago, I flashed an even newer tune and it was even better.

    Unlike the manufacturer, the aftermarket tuners (at least the ones I used) actually DRIVE this model for years, listen to feedback, test hundreds of times, and continuously improve the expensive vehicle we bought. They live or die on their reputation and reviews. Is there some risk? Yes. But is it worth it? Hell yes. Is it for everyone? Probably not.

    I know dozens who did the same thing, they all love it and have had zero problems over countless miles. And yes, all the pollution controls are in place, CAT works fine, and running stock muffler. The improvements in fuel economy way more than make up for any rare negative "emissions" spots that might come into play.

    • Unlike the manufacturer, the aftermarket tuners (at least the ones I used) actually DRIVE this model for years, listen to feedback, test hundreds of times, and continuously improve the expensive vehicle we bought.

      Exactly. Built by people who eat their own dog food.

  • It's "quality control".

    No.

  • "We just want to lock them and say modify them through us so that we know it's done right."
    For a nominal service fee. So nominal that a small company won't be able to afford it.

    This makes me wonder how the EU anti-Apple/Google app store crowd will react.

  • by v1 ( 525388 )

    "We don't want to lock the cars and say you can't modify them," Dodge CEO Kuniskis told Carscoops. "We just want to lock them and say modify them through us so that we know it's done right."

    They will always cite "safety and security" when they need to explain their actions and don't want to just come out and say because we want more of your money.

    I find this announcement incredibly well-timed seeing as Mercedes JUST announced they are paywalling good acceleration.
    https://www.engadget.com/mercedes-accelerat [slashdot.org]

  • by sjames ( 1099 )

    Just another corporate boogerhead telling us we're doing this odious thing for your own good. If they REALLY cared about customer privacy and safety they would rip out all the telemetry and go with an entirely unencrypted local CANbus with well documented protocols. They might require signed firmware but allow the owner to add additional valid signing keys.

    A code reader shouldn't be an expensive extra, it should be built in to the in-dash LCD along with explanatory text.

  • But so many would be tripping over themselves trying to explain that a phone should be locked and only the manufacturer should be allowed to touch it.
    "People should be allowed to modify their stuff.... Unless it's made by Apple"
  • So, if car thinks it's being tampered with it shuts things off and becomes undriveable? Great like we did not have enough electronic doodads going haywire in modern cars now the whole car shuts down? Expect that to be exploited greatly.

"The whole problem with the world is that fools and fanatics are always so certain of themselves, but wiser people so full of doubts." -- Bertrand Russell

Working...