| Recurring |
one_organization, multiple_organization |
(a) The software failure incident related to vulnerabilities in vehicular internal networks affecting key automated components like airbags, anti-lock brakes, and door locks has happened again within the automotive industry. Security firm Trend Micro, along with researchers at LinkLayer Labs and the Polytechnic University of Milan, uncovered a vulnerability in the CAN protocol used by car components to communicate, which could be exploited by hackers to disable critical safety mechanisms [62203].
(b) The incident highlights a fundamental security issue in the design of the CAN standard itself, affecting multiple organizations within the automotive industry that rely on this protocol for communication among car components. The article mentions that the attack represents an incremental advance in the ongoing cat-and-mouse game between the automotive industry and vehicle hackers, indicating that this type of vulnerability could potentially impact various organizations producing connected cars [62203]. |
| Phase (Design/Operation) |
design, operation |
(a) The software failure incident related to the design phase is highlighted in the article. The vulnerability in the vehicular internal networks was uncovered by security firm Trend Micro, LinkLayer Labs, and the Polytechnic University of Milan. They identified a fundamental security issue in the CAN protocol used by car components to communicate, which could allow a hacker to shut off key automated components, including safety mechanisms [62203].
(b) The software failure incident related to the operation phase is also discussed in the article. The attack described by the researchers is a "denial of service" attack that turns off components rather than hijacking them to take over basic driving functions. The attack requires the hacker to already have initial access to the car's network, possibly via vulnerabilities in the infotainment system's Wi-Fi or cellular connection, or through an insecure gadget plugged into the OBD port under the dashboard [62203]. |
| Boundary (Internal/External) |
within_system |
(a) within_system: The software failure incident described in the articles is primarily within the system. The vulnerability in vehicular internal networks, specifically in the CAN protocol used by car components to communicate, allows hackers to exploit the system and shut off key automated components within the car's network [62203]. The attack described is an incremental advance in the ongoing cat-and-mouse game between the automotive industry and vehicle hackers, highlighting a fundamental security issue in the design of the CAN standard itself [62203]. The attack does not depend on a specific vulnerability in some piece of software but rather on a vulnerability in the CAN protocol, indicating an internal system weakness [62203]. |
| Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident occurring due to non-human actions:
The vulnerability in vehicular internal networks that could be exploited to shut off key automated components, including safety mechanisms, was uncovered by security researchers at Trend Micro, LinkLayer Labs, and the Polytechnic University of Milan. This vulnerability in the CAN protocol used by car components to communicate and send commands to each other was described as a fundamental security issue that could allow a hacker to disable critical components within the car's network [62203].
(b) The software failure incident occurring due to human actions:
The attack on the vehicular internal networks required the hacker to already have initial access to the car's network, potentially through vulnerabilities in the infotainment system's Wi-Fi or cellular connection, or via an insecure gadget plugged into the OBD port under the dashboard. This attack was described as an incremental advance in the ongoing cat-and-mouse game between the automotive industry and vehicle hackers, highlighting a vulnerability in the design of the CAN standard itself [62203]. |
| Dimension (Hardware/Software) |
hardware, software |
(a) The software failure incident occurring due to hardware:
- The vulnerability in vehicular internal networks that allows a hacker to shut off key automated components, including safety mechanisms, is related to a fundamental security issue in the CAN protocol used by car components to communicate [62203].
(b) The software failure incident occurring due to software:
- The attack on the car's internal network is not dependent on a specific vulnerability in some piece of software but rather a vulnerability in the design of the CAN standard itself [62203]. |
| Objective (Malicious/Non-malicious) |
malicious |
(a) The objective of the software failure incident was malicious. The vulnerability in the vehicular internal networks allowed hackers to exploit the CAN protocol, enabling them to shut off key automated components such as airbags, anti-lock brakes, and door locks, potentially leading to car theft [62203]. The attack was described as a "denial of service" attack that required initial access to the car's network and could be executed by exploiting vulnerabilities in the car's infotainment system's Wi-Fi or cellular connection [62203]. The attack was considered an incremental advance in the ongoing cat-and-mouse game between the automotive industry and vehicle hackers, highlighting a fundamental security issue in the CAN protocol itself [62203].
(b) The software failure incident was non-malicious in the sense that it did not involve taking over basic driving functions like accelerating, braking, or steering as seen in previous car-hacking incidents [62203]. The attack did not aim to hijack the vehicle but rather focused on disabling components within the car's network, making it more of a stealthy and incremental advancement in car-hacking techniques [62203]. The attack was not fully remote and required the hacker to have initial access to the car's network through other vulnerabilities [62203]. |
| Intent (Poor/Accidental Decisions) |
poor_decisions |
(a) The intent of the software failure incident related to poor_decisions:
- The software failure incident discussed in the articles is related to poor decisions made in the design of the CAN protocol used in vehicular internal networks. The vulnerability in the CAN protocol allows hackers to exploit the network and shut off key automated components in the car, including safety mechanisms like airbags, anti-lock brakes, and door locks [62203].
(b) The intent of the software failure incident related to accidental_decisions:
- The software failure incident is not related to accidental decisions but rather to a fundamental security issue in the design of the CAN protocol used in cars, which allows for exploitation by hackers to disable critical components within the vehicle [62203]. |
| Capability (Incompetence/Accidental) |
unknown |
(a) The software failure incident related to development incompetence is not explicitly mentioned in the provided article. Therefore, it is unknown if the failure was due to contributing factors introduced due to lack of professional competence by humans or the development organization.
(b) The software failure incident related to an accidental failure is also not explicitly mentioned in the provided article. Therefore, it is unknown if the failure was due to contributing factors introduced accidentally. |
| Duration |
permanent |
(a) The software failure incident described in the articles is best classified as permanent. The vulnerability in the vehicular internal networks that was uncovered by security researchers allows a hacker to shut off key automated components, including safety mechanisms like airbags, anti-lock brakes, and door locks [62203]. This vulnerability is a fundamental security issue in the CAN protocol used by car components to communicate, indicating a systemic flaw in the design of the standard itself. The attack is described as a "denial of service" attack that turns off components, rather than taking over basic driving functions like accelerating, braking, or steering [62203].
(b) The software failure incident is not temporary but rather a systemic vulnerability in the design of the CAN protocol used in vehicular internal networks. The attack technique uncovered by the researchers is an incremental advance in the ongoing cat-and-mouse game between the automotive industry and vehicle hackers, indicating a long-term issue that requires significant changes in the design and security measures of connected cars [62203]. |
| Behaviour |
other |
(a) crash: The articles do not mention a software failure incident related to a crash where the system loses state and does not perform any of its intended functions.
(b) omission: The software failure incident described in the articles does not involve the system omitting to perform its intended functions at an instance(s).
(c) timing: The software failure incident does not involve the system performing its intended functions correctly, but too late or too early.
(d) value: The software failure incident does not involve the system performing its intended functions incorrectly.
(e) byzantine: The software failure incident described in the articles does not involve the system behaving erroneously with inconsistent responses and interactions.
(f) other: The behavior of the software failure incident is related to a vulnerability in vehicular internal networks that can be exploited to shut off key automated components, including safety mechanisms, by sending corrupted bits to override correct bits in the original frames of communication within the car's network. This behavior is more about exploiting a vulnerability in the design of the CAN protocol itself rather than a specific software crash, omission, timing issue, or byzantine behavior [62203]. |