The main purpose of studying attack cases is "knowing the attack": understanding how attackers break into a vehicle and take control of it. For attack research on Tesla, Tencent's Keen Security Lab has contributed several successful cases, and by rights the Keen series should be analysed first. But as a connected-vehicle security engineer I am more interested in the attacker's complete attempt path, because a complete path carries rich adversarial information: which of the vehicle's protections effectively repelled the attacker, which protections were missing or flawed, which protection was the most effective, and so on. Keen's reports say little about this. This article therefore takes Pentest Partners' "Reverse Engineering Tesla Hardware" as the opening piece of this analysis series. One aim is to explain Pentest Partners' attack process clearly; the other, and my main aim, is to uncover the real-world effectiveness of connected-vehicle security protections in a genuine attack scenario and to explore the deeper reasons why protections fail.
Pentest Partners' full report consists of two articles, "Reverse Engineering Tesla Hardware" and "Reverse Engineering the Tesla Firmware Update Process". The first describes the process from tearing down the parts to reconstructing the hardware architecture; the second describes discovering and exploiting vulnerabilities by reverse engineering FOTA. This article mainly covers the first, which documents the teardown and reverse engineering of the in-vehicle chips in detail and is a textbook example of board-level reverse engineering. Back to the matter at hand: the analysis begins below.
To make reverse engineering easier, the researchers first removed the head unit:
“We took the CID out of the Tesla to power it up and examine it.”
(All photographs are from the Pentest Partners blog; this is not repeated below.)
After the teardown, two main chips are visible: the IC and the CID. IC is the Instrument Cluster, the dashboard; CID is the Central Information Display, the computing chip behind Tesla's infotainment screen. How the IC and CID were identified is not described in much detail; it may have been from public information or from the markings on the chips.
(The architecture diagram reconstructed in this step; likewise not repeated below.)
From the text and markings on the chips, the researchers confirmed that a VCM is present in both the IC and the CID:
“An NVidia VCM (Visual Compute Module) sits at the core of the CID. This is an ARM based single-board computer module that runs Linux – the operating system that drives most of the visible actions of the Tesla.
Nvidia VCM modules are used in both the CID and IC.”
“An Nvidia Tegra System-on-Chip (SoC) is used in the VCM. This has a multi-core ARM processor, GPU and various other audio and video accelerators.”
“You can obtain technical reference manuals for the Tegra 2, 3 and 4 SoC lines, but they don’t contain ball-maps or pin-outs, so are of limited use for reverse engineering.
To gain access to documentation and forums, a valid developer account was created for Nvidia.com, but we could only find one reference for VCMs or the Jetson Pro development kit. We wrote a forum post asking about documentation but got no response. We envisage that an NDA would have to be signed to gain access to anything significant but it is unlikely that we would be able to share any of the information with third parties.”
“We believe that the pin-outs of the two VCMs were the same – voltage supply and ground appeared to be on the same pins, which was confirmed with an oscilloscope. We did not want to direct test the VCMs from the Tesla due to risk of damaging or bricking the CID or IC. This could make the car unusable, and cost somewhere between £3,000 and £10,000 to have repaired by Tesla.”
“we obtained a third VCM from a second-hand IC. This was the same as the VCM in the IC from the test, except it had 50% less RAM. The IC itself was a different model. We conducted invasive testing”
“A built-in Ethernet switch connects the VCM to the rest of the vehicle via a Marvell 88E6061. This five-port 10/100 switch supports VLANs. It is configured using SMI, a serial interface. The Ethernet switch is configured when the CID starts.”
“A logic analyser could sniff the SMI commands. We could not ascertain whether they were sent by the VCM or the gateway processor. Traffic is segregated from the various components using several VLANs.
There is no security functionality associated with the SMI, for example integrity protection – it trusts all signals, meaning that communications can be tampered with or modified. VLAN configuration could be modified in this way, potentially creating new routes into the system.”
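To make concrete what a logic analyser sees on that unauthenticated SMI bus, here is an added example (written for this article, not code from Pentest Partners): a decoder for IEEE 802.3 Clause 22 MDIO/SMI frames run over a constructed capture, with a filter that lists the write frames aimed at the switch, which is what a bus monitor watching for unexpected reconfiguration would log. The device and register addresses in the sample are placeholders, not the 88E6061's documented register map.

```python
from dataclasses import dataclass

PREAMBLE_MIN = 32  # a Clause 22 frame starts with at least 32 '1' bits

@dataclass
class SmiFrame:
    op: str        # "read" or "write"
    phy_addr: int  # 5-bit device address on the SMI bus
    reg_addr: int  # 5-bit register address inside that device
    data: int      # 16-bit payload (value written, or value returned)

def _to_int(bits):
    return int("".join(str(b & 1) for b in bits), 2)

def encode_smi(op, phy_addr, reg_addr, data):
    """Build one frame's MDIO bit sequence (used to construct the sample capture)."""
    opcode = [0, 1] if op == "write" else [1, 0]
    bits = [1] * PREAMBLE_MIN + [0, 1] + opcode  # preamble, ST, OP
    bits += [(phy_addr >> i) & 1 for i in range(4, -1, -1)]
    bits += [(reg_addr >> i) & 1 for i in range(4, -1, -1)]
    bits += [1, 0]  # turnaround; on a read the first bit is high-Z, sampled as the pull-up level
    bits += [(data >> i) & 1 for i in range(15, -1, -1)]
    return bits

def decode_smi(bits):
    """Decode every frame in a stream of MDIO samples taken on MDC rising edges."""
    frames, i, ones = [], 0, 0
    while i < len(bits):
        if bits[i] == 1:
            ones, i = ones + 1, i + 1
            continue
        # a '0' after the preamble is the first ST bit; ST is '01', then 30 body bits
        if ones >= PREAMBLE_MIN and i + 32 <= len(bits) and bits[i + 1] == 1:
            body = bits[i + 2:i + 32]
            opcode = _to_int(body[0:2])
            if opcode in (0b01, 0b10):
                frames.append(SmiFrame("write" if opcode == 0b01 else "read",
                                       _to_int(body[2:7]), _to_int(body[7:12]),
                                       _to_int(body[14:30])))
                ones, i = 0, i + 32
                continue
        ones, i = 0, i + 1  # not a valid frame start; resynchronise on the next preamble
    return frames

def switch_writes(frames, switch_addrs):
    """Writes aimed at the switch's SMI addresses: what a bus monitor would log."""
    return [f for f in frames if f.op == "write" and f.phy_addr in switch_addrs]

# Constructed sample capture (placeholder addresses, not the 88E6061's register map):
SAMPLE_CAPTURE = encode_smi("read", 0x10, 0x03, 0) + encode_smi("write", 0x10, 0x06, 0x003F) + encode_smi("write", 0x11, 0x06, 0x003E)
```

The decoder only parses frames; it cannot tell whether a write came from the VCM or the gateway, which matches the report's observation that the bus carries no origin or integrity information.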
From the text and markings on the gateway chip, the researchers easily identified its model:
“Here we show the gateway with CAN transceivers. Similar devices are often found in CAN gateways. The gateway is connected to the CAN buses and the Ethernet switch. We believe the firmware on the gateway is FreeRTOS, a light-weight real-time operating system (RTOS) with multiple automotive uses.”
“Most TCUs in vehicles do not allow user-accessible and swappable SIM. Embedded or inaccessible SIMS are becoming the norm. Despite further examination of the Tesla, we did not uncover any functionality for tracking or eCall running on the CID’s VCM. This suggests these safety and security features run directly on the cellular modem, as per TCUs in other vehicles.”
“Recovering firmware from a Sierra Wireless AR8522 module without causing damage is extremely difficult, being as it is a tightly packed BGA module with numerous BGA chips, all contained under a soldered-on shield”