1

An Automotive System for Anti-Theft

Sayooj Sasidharan M.V., AM.EN.U4EEE11057, EEE-A,ASE
Abstract Automotive theft has been a persisting problem around the world and greater challenge comes from professional thieves. In this paper, we present an automotive security system to disable an automobile and its key auto systems through remote control when it is stolen. It hence deters thieves from committing the theft. It also effectively prevents stealing of key auto systems for re-selling by introducing four layers of security features written in the form of firmware and embedded on the Electronic Control Units (ECUs). The details of system design and implementation are described in the paper. The experimental results show that our system is feasible and the owner can securely control his vehicle within a few seconds.
Index Terms Car Communications, Security System, AntiTheft, Controller Area Network, Temper Detection

I. INTRODUCTION Automotive theft has been a persisting problem around the world. In the US alone, 1,237,114 motor vehicles were reported stolen in 2004, and the equivalent value of stolen motor vehicles was $7.6 billion US dollar . The automobiles have been stolen for different reasons viz. for using the vehicles for transport, commission of crimes and for reusing or reselling parts dismantled from the vehicles or resale of the vehicle itself. Various technologies have been introduced in recent years to deter car thefts, for example, Immobilizers to remotely disable the lost vehicles, Microdot Identification to identify auto parts using unique microdots, Electronic Vehicle Identification (EVI) to identify the vehicle against a registration database, LoJack System to use in-built transponders for tracking down vehicle, GPS to locate the position of the lost vehicles using global positioning system, and so on. However, there are still some security gaps which these technologies do not address. For example, while the immobiliser can prevent a thief from starting a car engine and driving away, it is unable to stop professional thieves from towing the car away. The professional thieves can then dismantle the stolen vehicle and re-sell the components. The thieves will also have the luxury of time to remove the immobiliser and re-sell the car using another identity; while microdot identification has the advantage of being very difficult in removing the microdots, identification and verification of vehicle information is inconvenient as a microdot has to be removed and read from a microscope. Microdot identification is ineffective against thieves who export the stolen vehicles or the chopped car parts to countries which do not practise the identification and verification of vehicles; the EVI approach is efficient when it comes to identification and verification of vehicles since this is done electronically. However, EVI is less effective against the chop shop scenario where stolen vehicles are dismantled and their

parts are re-sold into the market. In addition, the EVI approach is ineffective against thieves who export the stolen vehicles or the chopped car parts to countries which do not implement the EVI system; while LoJack Systems may be good at tracking the lost vehicles, it may take a few hours/days/months or even cannot find the stolen vehicle. In addition, they cannot disable an automobile and its key auto systems. Thus, if their radio transponders are removed, the stolen automobiles still function well and the thieves can drive them or sell them. The thieves can also dismantle the auto systems and re-sell auto parts; finally, GPS cannot penetrate forest cover, parking garages, or other obstructions. GPS relying on a short visible antenna can easily be broken off by a thief. Thus, greater challenge comes from professional thieves because they are capable of removing the immobilizers, LoJack or GPS parts from the automobile and re-sell the vehicles or auto parts. The most effective automotive security system is probably one that will lead a thief to abandon the idea of stealing the automobile that he sets his eyes upon. This will be the case if the thief knows that he will gain little economic benefits from his theft in spite of the risks he will be taking. If a theft knows that an automobile and its key auto systems will be disabled when its owner finds that the automobile is stolen, it will deter the theft from committing the theft. Therefore, this paper presents our automotive security system to disable an automobile and its key auto systems through remote control when it is stolen. The remainder of this paper is organized as follows: in the next section, we present our security system, while Section III presents the details of implementation. Section IV presents our experimen II. AN AUTOMATIVE SECURITY SYSTEM We design and develop an automotive security system to disable an automobile and its key auto systems through remote control when it is stolen. Our system will verify the automobile and its key auto systems before it allows the automobile to start. If our system receives a disable command from the owner, the system will disable the automobile from re-starting and the key auto systems from activating. Thus, the owner still has some control to disable the vehicle from starting and key auto systems from activating after it is stolen. Our solution is targeted for the automobiles with Controller Area Network (CAN) and Electronic Control Units (ECUs) which are integrated with mechanical parts for good performance. Almost all high-end cars have ECUs integrated with the different mechanical parts like fuel-injection system, ignition and crankangle sensor systems. Fig. 1 gives an overall view of the security system from the perspective of the automobiles owners.

2 system can be analyzed in Table I. Table I compares our technology with other automotive anti-theft solutions. From the comparison, our automotive security technology is a most effective solution at current stage.
TABLE I. COMPARISON OF DIFFERENT ANTI-THEFT SOLUTIONS

Chopping of auto parts Our technology Immobiliser Microdots Identification EVI LoJack System GPS Effective to some degree Ineffective Effective to some degree Ineffective

Illegal export of stolen vehicle Effective Ineffective Ineffective

Automotive theft through robbery/ towing Effective

Automotive theft by breaking into vehicles Effective

Figure 1. An automotive security system for remote control.

A. Remote Disabling Once an owner realizes his vehicle is lost, all he needs to do is to send a Disable SMS from his mobile phone to a secret and specific phone number which is dedicated to the electronics on the automobile. After receiving the SMS, the security system will check the mobile phone number of owner and his allocated automobile numbers for authentication. If there is a match (owner to vehicle), the SMS is forwarded to process and the automobile cannot be started again after it stops. In other word, only owners mobile number is recognized by the system and an attacker cannot disable the automobile remotely by a SMS message. Our system on the automobile carries a single board computer (SBC) which is integrated to a GSM modem. Once a SMS message is received by the GSM modem, the single board computer checks for the correct message that is required to enable or disable the automobile. After this the single board computer gives an appropriate command to a master ECU. The master ECU then transfers the disable signal to the network of ECUs on the automobile and all the individual ECUs will disable the mechanical parts that are connected to them, which include critical systems for starting the car like ignition system and fuel pump system. B. Tamper Detection and Self-Disabling Another important feature in our system is that it has the capability of detecting if the ECUs belonging to individual mechanical parts or the automobiles CAN are tampered with. Tampering here could be disconnection and replacement of an ECU from the automobile or introducing an unauthorized listening post into the CAN. The master ECU authenticates each ECU before the automobile is started. If the system detects that one of the ECUs has been tampered with, the master ECU signals all ECUs to disable and disables itself as well. The same happens in the case if it detects an unauthorized ECU. In both remote and selfdisabling mechanisms, the automobile can be made to function only if the owner sends an Enable SMS message to the dedicated phone number. Our solution not only prevents a stolen car from restarting (disables the car), but also disables the key auto systems so that they cannot function with good performance. Hence, the thief will not be able to re-sell the key auto systems with high price. If an automobile and its key auto systems can be disabled, the thief will be deterred from stealing it in the first place. Thus the effectiveness of our

Ineffective Effective Effective to Effective to some some degree degree Ineffective Effective to Effective to some some degree degree Ineffective Ineffective Effective to Effective to some some degree degree Ineffective Effective to Effective to Effective to some some some degree degree degree Cannot penetrate forest cover, parking garages, or other obstructions. Rely on a short visible antenna that can easily be broken off by a thief.

III. IMPLEMENTATION The implementation includes hardware design and software programming described in the following subsections. A. Hardware Design The implementation of the system required integration of many individual parts each capable of carrying out the critical functions of the system. The system consists of a single board computer (Soekris Net 4801), GSM modem (iTegno GSM/GPRS modem) and multiple ECU boards each with a PIC16F676 chip and integrated CAN adaptor. A

IV. EXPERIMENTAL RESULT

The experiments are carried out to test functionality of the system. The experimental setup is show in Fig. 7. A prototype has been developed and tested with automobiles.

Figure 7. Experimental Setup

A. Remote Disabling

5
When all the ECUs are first powered up, all the LEDs are on. This means that the system is being disabled. A SMS with the Start engine content is sent to the single board computer. After a while, the LEDs on all the ECUs are off system is enabled and the vehicle is allowed to start. A second SMS with Stop engine content is sent. After a while the LEDs on all the ECUs are on system is disabled and the vehicle is not allowed to start. Our demonstration shows that a car owner can use his mobile phone to securely protect his car from theft. When the owner discovers that his car is stolen, the owner uses his mobile phone to send a Stop engine message to the security system inside his car so that the car is prevented from being re-started. This is achieved by disabling the key auto systems such as ignition system, fuel pump and so on. After the car is found, the systems can be enabled again by the owner simply sending a Start engine message to the security system to enable his car to be started. B. Tamper Detectability If any of the ECUs, for an instance, ECU 1 is removed, the ECU 1s LED is on after a while, followed by the TPU and the rest of the ECUs. This shows that when any of the ECUs are detached from the system, the whole system will be disabled. Also at the same time, a SMS is sent to the owners mobile phone with the content saying ECU 1 is being tampered. In this way, any part of the system is removed or tampered, the system is able to detect and disable the automobile from re-starting and key auto systems from activating. C. Performance Results In order to determine the feasibility of the proposed solution, we conducted experiments by measuring time T1 taken from the mobile phone sending out a Stop engine message to ECUs disabling the engine to be started. We also took time measurements in the software to determine time t2 from the time GPRS modem receiving the message to when the ECUs disables the engine. Similarly, we also measured time T2 taken from the mobile phone sends out a Start engine message to when ECUs enables the engine, and time t4 which is from the GPRS modem receives the message to when ECUs enables the engine. Furthermore, since we embed security features in ECUs, if an ECU is being tampered, the security system will send out the alert message via the GPRS modem at once to inform the owner. Thus, we also measured time T3 from when an ECU is tampered to when the mobile phone receives the alert SMS message. We further measure time t6 from when an ECU is tampered to when the GPRS modem sends out an alert message. Therefore, (T1 - t2), (T2 t4), and (T3 t6) are the messages communication time between mobile phone and GPRS modem. The experimental results are shown in Table II. We conducted each of the experiments five times and the value in the last row is the average time of the five experiments. From the results, it is clear that the time spent in our embedded software is relatively low, thus we conclude that the proposed anti-theft solution is technically feasible and under normal circumstances, the owner can securely control his car within a few seconds.
TABLE II. TIME MEASUREMENTS Stop Engine
T1 (second) t2 (second) (T1 - t2) (second)

8.5 4.7 8.6 6.78

1 1 3 1.6 Start Engine

7.5 3.7 5.6 5.18

T2 (second)

t4 (second)

(T2 t4) (second)

6.4 8.0 6.0 8.4 6.9 7.14

1 1 1 2 1 1.2

5.4 7.0 5.0 6.4 5.9 5.94

Tamper Detection
T3 (second) t6 (second) (T3 t6) (second)

12.8 12.3 12.4 14.7 14.9 13.42

.

4 4 4 4 4 4

8.8 8.3 8.4 10.7 10.9 9.42

V. CONCLUSION This paper presents an automotive security system to disable an automobile from re-starting and its key auto systems from activating through remote control when it is stolen. Our security technology is also very effective solution to prevent the automobile stealing with the aim of reselling key auto systems. This is achieved by introducing four layers of security features written in the form of firmware and embedded on the ECUs. Hence, our system deters thieves from committing the theft because they will gain little economic benefits from his theft in spite of the risks he will be taking. Therefore, our automotive security technology is a most effective anti-theft solution at current stage. The experimental results show that the owner can securely control his vehicle within a few seconds, and the running time of our security software is acceptable. In our future works, the security system will be further improved to function as an integrated data security system for car communications, such as vehicle-to-vehicle, vehicletoinfrastructure communications. It will ensure that all data exchanged with inside and with outside automobile is protected from abuse and security attack.

REFERENCES [1] Auto Theft, Insurance Information Institute, May 2006. http://www.iii.org/media/hottopics/insurance/test4/ [2] Immobiliser, WHATCAR. http://www.whatcar.com/news-specia lreport.aspx?NA=220071 [3] DataDotDNA, DataDot Technology. http://www.datadotdna.com/dtl_technology_ourtechs_dot.htm [4] Foundation for Tackling Vehicle Crime, Motor Vehicle

6.6 5.5

2 1

4.6 4.5

6 Identification Why EVI is so important, March 2004. http://www.stavc.nl/pdfdb/publicaties/identificationreport.pdf [5] Lojack system. http://lojack.com/ [6] P. H. Dana. Global Positioning System Overview. http://www.colorado.edu/geography/gcraft/notes/gps/gps_f.h ml [7] R. Carroll, Insurance Practices and Professional Vehicle Theft, Insurance and Corporate Fraud Conference 2001. http://www.carsafe.com.au/speeches/presentation_29.doc [8] H. S. Cheng, H.Q. Guo and Y.D. Wu. A Method and System For Tamper Proofing A System of Interconnected Electronic Devices, US PCT patent application No. 60/900,317. Feb 2008. [9] Robert Bosch Gmbh, Controller Area Network (CAN). http://www.semiconductors.bosch.de/en/20/can/index.asp [10] CiA, Controller Area Network