Stop, thief!
Skyrocketing vehicle theft rates in some U.S. cities have drawn attention to an inconvenient truth: the increasing amount of technology in our vehicles can make them increasingly vulnerable to hacking or theft.
Now, a solution that leverages perhaps the lowest-tech feature of today’s vehicles — the auxiliary power outlet, known to those of a certain age as the cigarette lighter — has been developed by a University of Michigan-led research team.
With a new $1.2 million dollar grant from the National Science Foundation, the team is set to begin large-scale testing of Battery Sleuth, a vehicle security system that can protect against sophisticated wireless hacking, old-school jimmying, and everything in between.
Lit up
Keep it simple
Battery Sleuth bypasses both the wireless communication that key fobs depend on and the standardized onboard communication network that’s used in today’s vehicles. Instead, it authenticates drivers by measuring voltage fluctuations in a vehicle’s electrical system. Drivers interact with it through a keypad device plugged into the auxiliary power outlet.
“The great thing about the power outlet is its simplicity — it’s just a wire connected to the battery, so there’s nothing to hack,” says Kang Shin, the Kevin and Nancy O’Connor Professor of Computer Science at U-M and lead researcher on the project. “And creating voltage fluctuations with components like windshield wipers or door locks is even simpler.”
Battery Sleuth delivers a predetermined series of voltage fluctuations — a sort of “voltage fingerprint” — to the car’s electrical system when the driver enters a numerical code into the keypad device. A receiver then recognizes this fingerprint and enables the vehicle to start. Drivers can also deliver the voltage fluctuation manually using auxiliary functions that draw battery power. They might perform some combination of flicking the windshield wipers, turn signal or headlights on and off, or locking and unlocking the doors.
Installed between a vehicle’s battery and the car’s electrical system, Battery Sleuth’s default mode allows the battery to deliver enough current to power systems like electronics and lights, but not enough to power the vehicle’s starter. Only when it detects the pre-set series of voltage fluctuations in the vehicle’s electrical system does it turn up the juice, allowing the battery’s full power through to the starter.
“The idea of measuring fluctuations in a car’s electrical system seems simple, but designing one device that can do it accurately on thousands of different vehicle models in varying environmental conditions gets quite complicated,” says Liang He, assistant professor of computer science and engineering at the University of Colorado, Denver, and a researcher on the project. “We’re working to design a system that’s smart enough to measure the parameters of the vehicle it’s installed on and then customize itself to work effectively on that vehicle.”
Let’s work together
Battery Sleuth also has defenses to guard against hacking or physical attacks on the device itself, including a siren that sounds if illegitimate activity is detected and a resistor that shuts down the vehicle’s electrical system if an unauthorized power source is connected to the vehicle. The system is designed to work as either an add-on to existing vehicles or a permanently installed component on new vehicles.
“Vehicle theft costs drivers and insurance companies more than $4 billion each year in the United States alone, and that’s partly because today’s vehicles use a hodge-podge of computer systems that were never designed to work together,” Shin says. “Each new layer of technology introduces new security vulnerabilities, and rather than try to patch each one, we’ve developed a system that works completely independently.”
In a field test study on eight vehicles published in July 2022, the researchers showed that a prototype of Battery Sleuth was more than 99.9 percent effective at detecting and preventing illegitimate activity without interfering with normal vehicle operation. The team plans to use the new grant to fund more extensive testing at U-M’s Mcity test facility. The next stage of the process will also explore expanding the system to enable it to control entry to the car, making it useful for applications like vehicle sharing.
At the end of the three-year project, the team aims to have a commercially viable prototype that can be scaled up to commercial production, first as a theft deterrent device, and potentially later as a complete vehicle entry and control system that could replace traditional keys and fobs.
The research was supported by the National Science Foundation Division of Computer and Network Systems under the Computer Science and Engineering Directorate, grant number 2245223.
(Lead image: An experimental prototype of the Battery Sleuth authenticator device installed in a vehicle. Credit: Kang Shin.)
Peter Gruner - 1970, Graduate School of Landscape Architecture
Good work – a simple solution that does the job with no fuss and enjoys wideest coverage, all hopefully at a reasonable price
Reply
Joseph Marion - 1973
Old idea, but effective. I was part of a team at U. Detroit Engineering School engineering class that designed a similar device called “Digilock” that did essentially the same thing by cutting off the fuel line in 1970.
Reply
stan goldsmith - 1982
or like my friend that had a popular car to steal back then, he simply installed a hidden ignition kill switch. i just drove an unpopular-to-steal car so was fine. lol
Reply
Gerald Rosenblatt - 1961-Law
great concept but needs to be offered by car manufacturers (after testing) as a no cost feature. Car thefts in Los Angeles where I live are way up and so are insurance rates to replace your car. Thanks.
Reply
Debbie Brown - MSW 1978
There’s no such thing as “a no cost feature.”
Reply
Nick Goodale - 1980
How does this deal with carjacking?
Reply
Beverly Trebesch - 1986
Can you add a voice that says “get the flip out of my car,” with loud background music playing Hail to the Victors.
Reply
Wendy Benedict
I can see this failing in so many ways, just like the current car alarms that goes off with no real reason. How many times have you mis-typed your password on your computer? How many times have all the electrical gadgets failed in your car? It’s a great concept but will need to be very well tested in the real world under numerous conditions.
Reply