"Our results show that TPMS transmissions can be used to systematically infer potentially sensitive information such as the presence, type, weight, or driving pattern of the driver. TPMS transmissions are sent without any encryption or secure mechanisms and include a unique identifier. This allows anyone with affordable equipment like a low-cost spectrum receiver and a standard off-the-shelf antenna to capture and track them throughout time and space."
"Because the unique identifier transmitted by the TPMS does not change throughout the life of the tire, the researchers were able to match the signals to cars and track a set of verified cars. Easily deployable, each receiver costs roughly $100, making the tracking system rather affordable and demonstrating that car makers should reconsider the use of plain text wireless transmission."
"Attackers could deploy such receivers at scale for mass tracking of drivers. Attackers could combine the passive tracking with active spoofing of sensor signals, sending fake flat tire alerts to trucks to force stops and hijack their cargo."
Tire Pressure Monitoring Systems (TPMS), mandatory in vehicles worldwide, transmit unencrypted data containing unique identifiers that remain constant throughout tire life. Researchers from Spain, Switzerland, and Luxembourg deployed five low-cost receivers costing approximately $100 each to capture TPMS transmissions over 10 weeks, collecting over 6 million messages from roughly 20,000 vehicles. The study demonstrates that attackers can systematically infer sensitive information including vehicle presence, type, weight, and driving patterns. The lack of encryption or secure mechanisms makes TPMS transmissions vulnerable to mass tracking at scale. Researchers warn that attackers could combine passive tracking with active spoofing to send fake tire alerts, potentially forcing vehicle stops for cargo hijacking.
#tpms-security-vulnerability #vehicle-tracking #wireless-transmission-encryption #automotive-cybersecurity #privacy-risks
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]