Automatically detecting fraudulent software in cars

IT security experts from Ruhr-Universität Bochum (RUB) and the University of California, San Diego, together with the Lübeck-based IT specialist Felix Domke, have developed a tool to automatically detect fraudulent software in cars’ engine control units. Prof. Dr. Thorsten Holz’s team at the Horst Görtz Institute in Bochum and their colleagues tested 900 different versions of engine control software for diesel cars produced by Volkswagen and Fiat Chrysler over the last eight years. In 400 of these, they discovered a mechanism that switched off the emissions filtering system during regular driving conditions. The analysis also revealed just how sophisticated the manufacturers’ fraud really was.

The researchers from Bochum, who include doctoral students Moritz Contag and Andre Pawlowski from the Chair for Systems Security at the RUB, will present the research findings alongside their American colleagues at the “IEEE Symposium on Security and Privacy”, which takes place between 22 and 24 May 2017 in San Jose, California.

Two-minute software analysis is sufficient

Up until now, you needed to run a 20-minute test on a car model on a stationary test rig to determine whether that model had a so-called defeat device built in. “If you want to test ten car models, then you needed to put ten cars up on the test rig. That’s costly,” explains Thorsten Holz. “Our tool doesn’t need the actual car, but just the engine control software instead. It takes just two minutes for us to determine whether there is a defeat device.”
Researchers can determine from the software itself how the car is meant to respond to various conditions, such as which emissions filtering mechanisms are switched on in which specific situations.

“Pretty crude”

It wasn’t just Volkswagen’s engine control software that the IT experts put under the magnifying glass. They also examined the system of the Fiat 500X, the car model that prompted the European Commission to initiate legal action against the Italian government on 17 May 2017. “Fiat was pretty crude in how they went about it,” is Thorsten Holz’s assessment. While the VW software judged whether a car was being tested based on the alternation between accelerating and braking, Fiat just assumed a test cycle lasts 20 minutes, switching emissions filtering off after 22 minutes of continual operation.
Because the researchers looked at software from the past eight years, they were able to trace how the defeat devices grew more sophisticated over time. Their goal now is to continue developing their tool so that it can automatically analyse any car manufacturer’s engine control software.