| Recurring |
one_organization, multiple_organization |
(a) The software failure incident related to hacking a car over the Internet and exploiting vulnerabilities in the OnStar system happened again at General Motors (GM). A group of security researchers at the University of California at San Diego and the University of Washington had privately disclosed the exploit code to GM in 2010, targeting GM's 2009 Chevy Impala. GM took nearly five years to fully protect its vehicles from the hacking technique, indicating a failure to address the vulnerability promptly [51221].
(b) The articles mention that the incident involving hacking cars through vulnerabilities in the OnStar system highlighted a lack of security preparation in the entire industry of Internet-connected cars. The researchers pointed out that automakers, including GM, were not equipped to fix hackable bugs in their vehicles' software promptly, similar to how tech companies like Microsoft and Google address software vulnerabilities quickly. This lack of readiness in the automotive industry to address cybersecurity threats was a broader issue affecting multiple organizations within the industry [51221]. |
| Phase (Design/Operation) |
design, operation |
(a) The software failure incident related to the design phase can be seen in the case of the car hacking technique targeting GM's 2009 Chevy Impala. The security researchers discovered a vulnerability in the OnStar dashboard computer that allowed them to remotely exploit the system, gaining control over various functions of the vehicle, including tracking, engaging brakes at high speed, and disabling brakes altogether. Despite the researchers privately disclosing the exploit to GM and the National Highway Traffic Safety Administration in the spring of 2010, GM took nearly five years to fully protect its vehicles from the hacking technique [51221].
(b) The software failure incident related to the operation phase is evident in GM's delayed response and patching process to protect its vehicles from the OnStar exploit. Despite efforts between 2010 and late 2014 to shield its vehicles from the attack method, GM's security measures were not fully effective until they silently pushed out a software update over its Verizon network to millions of vehicles with the vulnerable Generation 8 OnStar computer starting in November 2014. The delayed timing of the patch and the challenges in updating the software on the OnStar computers indicate operational difficulties in addressing the security threat promptly [51221]. |
| Boundary (Internal/External) |
within_system |
(a) within_system: The software failure incident discussed in the articles is primarily attributed to factors originating from within the system. The failure was related to a vulnerability in GM vehicles' software that allowed for remote exploitation, enabling hackers to take control of various vehicle functions, including brakes and transmission [51221]. The delay in addressing this vulnerability was not due to external factors but rather to the lack of security preparation and capabilities within the automotive industry at the time. GM's slow response to fully protect its vehicles was a result of the organization not being optimally structured to address cybersecurity concerns in 2010 [51221].
(b) outside_system: There is no explicit mention in the articles of the software failure incident being caused by contributing factors originating from outside the system. The focus is primarily on the internal factors within the automotive industry, such as the lack of security preparation and capabilities, that led to the vulnerability in GM vehicles [51221]. |
| Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident occurring due to non-human actions:
The software failure incident in the article was primarily due to vulnerabilities in the software of GM vehicles that allowed for remote exploitation by hackers. The attack targeted the OnStar dashboard computer and could control various functions of the vehicle, such as tracking vehicles, engaging brakes at high speed, and disabling brakes altogether. GM took nearly five years to fully protect its vehicles from this attack, highlighting a lack of security preparation in the industry of Internet-connected cars [51221].
(b) The software failure incident occurring due to human actions:
The delay in fully protecting GM vehicles from the hacking technique was attributed to a lack of security preparation in the industry of Internet-connected cars. The researchers who discovered the vulnerability privately disclosed it to GM and the National Highway Traffic Safety Administration in 2010, but GM took nearly five years to patch the software vulnerability. GM's chief product cybersecurity officer acknowledged that the organization was not optimally structured to address the cybersecurity concern at that time [51221]. |
| Dimension (Hardware/Software) |
software |
(a) The software failure incident discussed in the articles primarily relates to software vulnerabilities rather than hardware issues. The incident involved a hack on GM vehicles through their OnStar dashboard computer, which was exploited by security researchers [51221]. The vulnerability allowed attackers to remotely control various functions of the vehicle, such as tracking, engaging brakes, and disabling brakes. The delay in patching the software and the challenges faced by GM in addressing the security flaw highlight the software-related nature of the failure incident.
(b) The failure incident is attributed to software vulnerabilities in the OnStar dashboard computer of GM vehicles. The security researchers were able to exploit these vulnerabilities to gain remote control over the vehicles, demonstrating a flaw in the software system [51221]. The delayed response by GM in addressing the software vulnerability and the subsequent patching process underscore the significance of software-related factors in the failure incident. |
| Objective (Malicious/Non-malicious) |
malicious |
(a) The software failure incident described in the articles is malicious in nature. Security researchers were able to hack into a General Motors' 2009 Chevy Impala through a remote exploit targeting its OnStar dashboard computer. The attack allowed the researchers to have complete control of the car, except for the steering, enabling them to track vehicles, engage brakes at high speed, and even disable brakes altogether. The researchers privately disclosed the exploit to GM and the National Highway Traffic Safety Administration in 2010, but GM took nearly five years to fully protect its vehicles from the hacking technique [51221].
The incident involved a chain of hacker attacks integrated into a single exploit, starting with a phone call to the Impala's OnStar computer triggering a vulnerability known as a "buffer overflow." This initial attack allowed the hackers to take control of the OnStar computer's data connection and penetrate the car's CAN bus, which controls various functions like brakes and transmission [51221].
The delayed response from GM in addressing the vulnerability in its vehicles, the challenges faced in patching the software, and the need for over-the-air updates to fix the issue highlight the malicious nature of the software failure incident [51221]. |
| Intent (Poor/Accidental Decisions) |
poor_decisions |
(a) The intent of the software failure incident related to poor_decisions:
- The software failure incident involving the hack of GM vehicles was partly due to poor decisions made by the automakers and the industry as a whole in terms of security preparation for Internet-connected cars [51221].
- GM's delayed response in fully protecting its vehicles from the hacking technique was not due to negligence but rather a lack of security preparation in the industry of Internet-connected cars [51221].
- The researchers argue that GM's failure to fully protect its vehicles from the attack did not reflect negligence but rather a lack of capabilities in the industry to fix hackable bugs in vehicles' software [51221].
- GM's slow response to the vulnerability in its vehicles was attributed to the fact that the organization was not optimally structured to address cybersecurity concerns in 2010 [51221].
(b) The intent of the software failure incident related to accidental_decisions:
- The software failure incident involving the hack of GM vehicles was not due to accidental decisions but rather a lack of security preparation and capabilities in the industry of Internet-connected cars [51221].
- The delayed timing of the patch by GM was not accidental but rather a result of the organization not being ready in 2010 to deal with the threat of car hackers [51221].
- The failure to fully protect GM vehicles from the attack was not accidental but rather a reflection of the industry's lack of readiness to address cybersecurity concerns in the past [51221]. |
| Capability (Incompetence/Accidental) |
development_incompetence |
(a) The software failure incident related to development incompetence is evident in the case of General Motors' delayed response to the car hacking technique discovered by security researchers from the University of California at San Diego and the University of Washington. Despite being privately disclosed to GM and the National Highway Traffic Safety Administration in the spring of 2010, GM took nearly five years to fully protect its vehicles from the hacking technique targeting its OnStar dashboard computer [51221].
(b) The accidental software failure incident is demonstrated by the flaw in GM's attempt to block the attack on its cellular network in 2011. Even after putting in place a measure to block data connections from OnStar computers to unauthorized servers, a flaw existed in the fix that allowed the exploit to work again in certain situations. The researchers found that one in every 10 or 12 times they restarted their Impala, its OnStar registered with the Verizon network in a way that failed to prevent it from connecting to a malicious server, unintentionally leaving the vehicles vulnerable to the attack [51221]. |
| Duration |
temporary |
The software failure incident related to the vulnerability in GM vehicles to hacking was temporary in nature. The vulnerability persisted for nearly five years from the time it was privately disclosed to GM and the National Highway Traffic Safety Administration in the spring of 2010 until GM was able to push out a software update over its Verizon network to millions of vehicles with the vulnerable Generation 8 OnStar computer between November 2014 and the first months of 2015 [51221]. This indicates that the software failure was not permanent but rather existed for a specific duration due to certain circumstances. |
| Behaviour |
crash, omission, timing, value, other |
(a) crash: The software failure incident described in the articles can be related to a crash. The incident involved a vulnerability in GM vehicles' software that allowed hackers to remotely exploit the OnStar dashboard computer, gaining control over various functions of the vehicle, including the brakes and transmission. This loss of control over critical vehicle systems due to the software vulnerability can be considered a form of a crash in the system [51221].
(b) omission: The software failure incident can also be linked to omission. Despite efforts by GM to patch the vulnerabilities in later versions of OnStar, the security measures implemented did not fully prevent the exploit in vehicles using the vulnerable eighth-generation OnStar units. This omission in fully addressing the vulnerability left potentially millions of vehicles on the road susceptible to the attack [51221].
(c) timing: The timing of the software failure incident is also significant. GM took nearly five years to fully protect its vehicles from the hacking technique after it was privately disclosed to the company and the National Highway Traffic Safety Administration in the spring of 2010. The delayed response in addressing the vulnerability highlights a timing issue in the software security measures taken by GM [51221].
(d) value: The software failure incident can be associated with a failure in value. The vulnerability in the OnStar system allowed hackers to exploit the software, gaining control over critical vehicle functions such as tracking vehicles, engaging brakes at high speed, and disabling brakes altogether. This incorrect performance of the software, allowing unauthorized control over vehicle functions, represents a failure in the intended value of the software [51221].
(e) byzantine: The software failure incident does not exhibit characteristics of a byzantine failure, which involves inconsistent responses and interactions within a system. The incident primarily revolves around a specific vulnerability in the OnStar system that allowed for remote exploitation of vehicle functions, rather than erratic or inconsistent behavior within the system [51221].
(f) other: The software failure incident can be categorized under the "other" behavior as well. This incident highlights a failure in the industry's security preparation for Internet-connected cars, showcasing a lack of readiness to address software vulnerabilities in vehicles. The incident also underscores the evolving nature of cybersecurity practices in the automotive industry and the need for improved incident response and update systems to address software vulnerabilities effectively [51221]. |