Compliance Management, Malware, Patch/Configuration Management, Privacy, Threat Management, Vulnerability Management

Tesla security updates includes code signing feature

After a group of Chinese researchers displayed a series of vulnerabilities on a Tesla vehicle reminiscent of those performed by Charlie Miller and Chris Valasek on a Jeep Cheerokee, the electric car company responded with a firmware update that will make hacking Tesla firmware much harder moving forward.

The researchers notified Tesla and then released the video last week after Tesla rectified the problem. Rather than simply patch the problems, Tesla responded with an update earlier this month requiring any new firmware written to components on the car's CAN Bus be digitally signed with a Tesla exclusive cryptographic key, according to Wired.

“Cryptographic validation of firmware updates is something we've wanted to do for a while to make things even more robust,” Tesla's chief technical officer JB Straubel told the publication. 

The new security measure, known as code signing, will allow tighter control over who can reprogram sensitive components and will make the vehicles' in car security components more secure similar to those in an iPhone. 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.