Hacking Traffic Lights

New paper: “Green Lights Forever: Analyzing the Security of Traffic Infrastructure,” Branden Ghena, William Beyer, Allen Hillaker, Jonathan Pevarnek, and J. Alex Halderman.

Abstract: The safety critical nature of traffic infrastructure requires that it be secure against computer-based attacks, but this is not always the case. We investigate a networked traffic signal system currently deployed in the United States and discover a number of security flaws that exist due to systemic failures by the designers. We leverage these flaws to create attacks which gain control of the system, and we successfully demonstrate them on the deployment in coordination with authorities. Our attacks show that an adversary can control traffic infrastructure to cause disruption, degrade safety, or gain an unfair advantage. We make recommendations on how to improve existing systems and discuss the lessons learned for embedded systems security in general.

News article.

Tags: , , ,

Posted on August 28, 2014 at 6:14 AM16 Comments

Comments

Muffin August 28, 2014 6:48 AM

Causing disruption, fine, degrading safety, makes perfect sense, but how does one “gain an unfair advantage” when it comes to traffic lights?

MR August 28, 2014 7:06 AM

Re: “gain an unfair advantage”

Imagine FedEx get a hack to make the lights green every time one of their trucks gets to an intersection. Then imagine a phone app to trigger red lights when Mr. FedEx driver sees a UPS or USPS truck near them.

Nick P August 28, 2014 8:10 AM

It’s a nice and informative paper. Yet, I’m surprised to see no mention of the Mirt: a device that turns red lights green. Doesn’t work on all of them, but have been used by street racers a long time with plenty success. I heard they’re around $300 a pop from a buddy who homebrewed them for racing and profit.

Course Im still drinking the coffee so may have overlooked it. Just hard to imagine a paper on attacking a thing missing main attack in use.

qwertyuiop August 28, 2014 8:14 AM

This is news? It was demonstrated way back in 1969 in the film “The Italian Job” (original version)!

😉

Peter A. August 28, 2014 1:19 PM

In my city streetcars/trams (however the noisy buggers are called in English) use infrared emitters with some simple modulation to operate track switches. The driver just presses one of two buttons (left or right) to set the switch position.

Some idiot reverse-engineered the modulation and created his own transmitter (or maybe just used a ready-to-use app? some handheld devices have IR interfaces) and then kept derailing trams by operating the switch while the tram was riding through it. Hopefully, nobody has been killed, but there were injuries. He got arrested and tried eventually, but this is one of the sad consequences of nonexistent security in public infrastructure systems.

Another example from a few years ago: a couple of ex-railway-workers used ham radios with some simple modulator to send the so-called RADIO STOP signal to wreak havoc. The signal is intended to command all locomotives in the area to engage the auto-brake system in case of an imminent danger of a disaster. The dispatchers have a special button on their radios and can send the signal in an emergency. This is an old system and uses a simple modulated signal over FM radio channels that are normally used for voice communications between railway workers. Some old locomotives don’t even have the radio connected to the auto-brake system, so it is the engineer who engages the brakes when he hears the distinctive tone on his radio – therefore this system is difficult to replace with something more secure.

fajensen August 29, 2014 1:22 AM

I have built some of these things in a former life – before I realised that we “knowledge workers” are pretty much the assembly line “hands” of the old days and went on to do something else.

If “security” is not explicitly in the initial requirements list, then we will not be allowed to spend any time designing it in. I have seen developers take ICMP out of a (working) IP stack because “the customer didn’t ask for that” on the orders of a Product Manager!”. The stack didn’t work after, but, Priciples are Important to certain people.

Many things we assume to be of a certain quality is in fact engineered following the old priciples of builders (they asked for “architecting” and the got it): The contract is won on the lowest costs; the profit is made on the change requests!

TIM August 29, 2014 3:52 AM

This is a feature in the Game “Watch Dogs” and reading all the interesting news on this blog and other sides I am not sure what of “Watch Dogs” is fictional anymore.
I think the result of a comparison of reality knowledge (post Snowden) versus fictional options for the actor of Watch Dogs might bring interesting results.

askme August 29, 2014 12:34 PM

I recall at one point in my youth about the idea of building the little IR gadgets that Fire trucks use to turn all the lights green (MIRT?). I was imagining always having green lights everywhere I went. A smarter soul pointed out that if you intend to hack public infrastructure, being right in front of the camera’s while doing it isn’t very smart.

SJ August 29, 2014 12:48 PM

@qwertyuiop

Hacking traffic lights is a “Movie Plot Threat”.

In the sense that the attack doesn’t provide much direct benefit. But it does help movie-level villains pull off complicated plots.

Nick P August 29, 2014 3:04 PM

@ TIM

Yeah it is. I demo’d that game at a friend’s house. The AI was a joke: just drove straight down the highway while cops crashed themselves. The game does feature hacking devices that can manipulate most items in the city. Far as gaming, the mechanic is over powered in that the game’s barely a challenge with the quick recharge time. It was like God mode. I just told people to do GTA5 instead.

For this topic, I’d say what’s in the game is quite unrealistic. Most devices are dedicated, diverse machines. You’d have to pre-hack everything you wanted to use, possibly add wireless capability, and hope your modification doesn’t get noticed. If it’s physical and does, they’ll likely start checking their stuff regularly. A DOS on your capability and cost in your wallet at the least. There’s also the risk you get caught while messing with the stuff. This risk is much higher in small towns where the cops might know most of the local utilities.

The closest thing to Watchdogs are cities going “smart” and centralized. These cities might have control centers dedicated to traffic management, energy, etc. I don’t live in one so I’m guessing it’s both networked and that it’s several different organizations/networks instead of one. Logical or physical networks. In this case, some Watchdog-style capability might exist. Issuing commands would require hacking the control system, which might require physical action. What you caused they’d see so stealth requires modifying any internal data they see to hide that you’re doing it. So far, it’s sounding more difficult than remotely hacking a mainframe and then just pressing buttons on a phone.

Buck August 29, 2014 3:34 PM

@Nick P

You’d have to pre-hack everything you wanted to use, possibly add wireless capability, and hope your modification doesn’t get noticed.

I’m not familiar with the storyline of Watchdogs, but given the title, I had assumed this was the case… 😉

TIM September 1, 2014 8:54 AM

@Nick P

Thank you for your response. In the game the main character hacked the central control systems/towers that control all systems of the cities.

In our real world 2.0, billions of devices use java and/or android with permanent uplinks to the internet and with implanted backdoors by manufacturers and agencies, I think we are much closer to the story as we should be.

Before posting in this blog I had some things in mind about this:

  • You can’t trust any digital device anymore, especially if it’s online or has external interfaces to connect to
  • You have cameras everywhere around you (official devices like security cams on the street, in stores, traffic) and almost any smartphone can be turned into a spy device to use its camers, microphones (including gyroscope) … and think of modern tv with cameras, gaming consoles, etc.
  • Many people give apps access to gps-data, even this has nothing to do with the apps functions … and if it hasn’t to be such precise you could use the gsm/3g/lte communication signals with the transmitters
  • There are databases with pre-generated hashes, wordbooks, stolen passwords, etc for gain access much faster
  • Sensitive infrastructure systems are connected with centralizied control systems over the internet to save the companies or goverments money
  • Agencies like the NSA has its own botnet-infrastructure for accessing systems by using backdoors or exploiting vulnerabilities

Let’s suppose you have all these options to access as much informations you can get and combine those data, then you would be able to follow almost any person by accessing the available cameras, you could steal the persons money from the bank, you might control the traffic light, shutdown some power plants.

Sure, in the game you can control nearly anything everywhere on the map and in reality there are many (digital-)free spots left, but in the name of technical progress they will be closed in future. And yes, you and I don’t have access to all of these data and systems today but I think nobody should ever have this access to play “Watch Dogs” in reality.

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.