Volkswagen Scandal: Found Cheating Software Source Code
the 26.05.2017
German and American computer scientists have managed to retrieve the source code of the fake software used by Volkswagen to defraud on its pollutant emissions.
DIESELGATE. We call it the Volkswagen affair: the scandal that hit the manufacturer following its fraudulent polluting emissions caused a lot of noise in 2015. And there is something new, since a team of German and American researchers from the University of the Ruhr in Bochum and the University of California presented the results of an extensive analysis work, which reconstructs the faulty source code, at an international symposium on security. And the results confirm the thesis of massive fraud: out of 900 different embedded firmware, used between 2009 and 2016, more than 400 would have been faked, thanks to a few well-placed lines of code. And Volkswagen is not the only one: Fiat is also pinned, when we learn on May 26, 2017 that a "class action" driven in the United States blames General Motors for the same case.
The video below recalls the principle of fraud, which is already known: the on-board computer detects the test phases and activates the anti-pollution device ... which remains off during normal operation on the road. Result: emissions of nitrogen oxides up to 40 times the maximum allowed by American and European regulators.
The tricked code retrieved by reverse engineering
The known principle remained to identify precisely the portion of the code causing the problem, which took a year. "We found the murder weapon and how the builders used it," said Kirill Levchenko, a computer scientist at the University of San Diego in California. "In fact, the evidence of the fraud was there for all to see." And for good reason: all they had to do was download the software binaries (the manufacturer makes them available to mechanics and the expert public) in order to find the disputed code, by reverse-engineering from the documentation available on the manufacturer's site. .
Quickly, the researchers identified a piece of code called "acoustic condition". At first glance, it seems like a simple engine noise check test. But a closer look quickly reveals that this keyword is in fact used for conditional testing to find out, for the on-board computer, whether the vehicle is going through a homologation test or not. And so, whether or not he should activate his anti-pollution mode. And the fraud is perfected, "one of the most complex special effects in the history of the automobile", argues Kirill Levchenko. Indeed, the system takes into account no less than 10 specific profiles (vehicle speed as a function of time) commonly used for homologation. Another problem: the definition of homologation tests, standardized, is obviously public. What to simplify the cheating, according to the researchers.
Risks of generalized fraud
The researchers also discovered a second variation of the rigged code in the Fiat 500X engine firmware. This is more rudimentary since it is a simple stopwatch, which activates the anti-pollution mode only during the first 26 minutes and 40 seconds of operation, which corresponds to the average duration of a check. "We are the first to publicly identify this rigged device," write the authors.
BOSCH. What is the commonality between Fiat's and Volkswagen's electronics? The manufacturer Bosch, which manufactures EDC17 electronic blocks for diesel engines (see illustration in picture). "We have found strong evidence which shows that the two rigged devices were created by Bosch and then activated by the two manufacturers for their respective vehicles.". Today, the most used method for homologation remains the dynamometer, a mechanic's chassis allowing the immobilization of the vehicle and the free rotation of the wheels, enough to carry out all kinds of tests freely. For Kirill Levchenko, "this type of approval is no longer sufficient, the regulators must also be interested in the conformity of the software". A vast project ...
Readers who are eager for technical details will find below the recording of the conference given by Moritz Contag, co-author of this study.
https://www.sciencesetavenir.fr/high-te ... che_113222