Juicing Up The Chevy Volt With Raspberry Pi

While Chevrolet’s innovative electric hybrid might officially be headed to that great big junkyard in the sky, the Volt will still live on in the hearts and minds of hackers who’d rather compare amp hour than horsepower. For a relatively low cost, a used Volt offers the automotive hacker a fascinating platform for upgrades and experimentation. One such Volt owner is [Jared Stafford], who’s recently made some considerable headway on hacking his hybrid ride.

In an ongoing series on his blog, [Jared] is documenting his efforts to add new features and functions to his Volt. While he loves the car itself, his main complaint (though this is certainly not limited to the Volt) was the lack of tactile controls. Too many functions had to be done through the touch screen for his tastes, and he yearned for the days when you could actually turn a knob to control the air conditioning. So his first goal was to outfit his thoroughly modern car with a decidedly old school user interface.

Like most new cars, whether they run on lithium or liquefied dinosaurs, the Volt makes extensive use of CAN bus to do…well, pretty much everything. Back in the day it only took a pair of wire cutters and a handful of butt splice connectors to jack into a car’s accessory systems, but today it’s done in software by sniffing the CAN system and injecting your own data. Depending on whether you’re a grease or a code monkey, this is either a nightmare or a dream come true.

Luckily [Jared] is more of the latter, so with the help of his Macchina M2, he was able to watch the data on the CAN bus as he fiddled with the car’s environmental controls. Once he knew what data needed to be on the line to do things like turn on the fan or set the desired cabin temperature, he just needed a way to trigger it on his terms. To that end, he wired a couple of buttons and a rotary encoder to the GPIO pins of a Raspberry Pi, and wrote some code that associates the physical controls with their digital counterparts.

That’s all well and good when you need to mess around with the AC, but what’s the Pi supposed to do the rest of the time? [Jared] decided a small HDMI display mounted to the dash would be a perfect way for the Raspberry Pi to do double duty as information system showing everything from battery charge to coolant temperature. It also offers up a rudimentary menu system for vehicle modifications, and includes functions which he wanted quick access to but didn’t think were necessarily worth their own physical button.

In the video after the break, [Jared] walks the viewer through these modifications, as well as some of the other neat new features of his battery powered bow tie. What he’s already managed to accomplish without having to do much more than plug some electronics into the OBD-II port is very impressive, and we can’t wait to see where it goes from here.

Today there are simply too many good electric cars for hybrids like the Chevy Volt and its swankier cousin the Cadillac ELR to remain competitive. But thanks to hackers like [Jared], we’re confident this isn’t the last we’ve seen of this important milestone in automotive history.

Continue reading “Juicing Up The Chevy Volt With Raspberry Pi”

Hacking A 20 Year Old Subaru

While cars are slowing becoming completely computer-controlled, road vehicles have been relying on computers since the 1970’s. The first automotive use of computers was in engine control units (ECUs) which came along as fuel injection systems started to replace carburetors.

[P1kachu]’s 1997 Subaru Impreza STi, like most cars of this vintage, uses an ECU and provides a diagnostic connector for external communications. [P1kachu]’s Subaru hacking project includes building a diagnostic interface device, dumping the ECU’s firmware, and reverse engineering the binary to understand and disable the speed limiter. If this looks familiar, it’s because we just covered the infotainment hacks in this car on Saturday. But he added information about the communications protocols is definitely worth another look.

This era of Subaru uses a non-standard diagnostics protocol called SSM1, which is essentially a 5 volt TTL serial line running at 1953 bits per second. The custom interface consists of a Teensy and a 3.3V to 5V level shifter. Once connected, commands can be sent directly to the ECU. Fortunately, the protocol has been quite well documented in the past. By issuing the “Read data from ECU address” command repeatedly, the full firmware can be dumped.

[P1kachu] goes on to locate the various engine tuning maps and discover the inner workings of the speed limiter. With cars getting more computerized, it’s nice to see folks are still able to tune their rides, even if it means using Teensys instead of wrenches.

Car Hacking At DEF CON 26

A great place to get your feet wet with the data-network-wonderland that is modern-day automobiles is the Car Hacking Village at DEF CON. I stopped by on Saturday afternoon to see what it was all about and the place was packed. From Ducati motorcycles to junkyard instrument clusters, and from mobility scooters to autonomous RC test tracks, this feels like one of the most interactive villages in the whole con.

Continue reading “Car Hacking At DEF CON 26”

Spared No Expense: Cloning The Jurassic Park Explorer

While you’d be hard pressed to find any serious figures on such things, we’d wager there’s never been a vehicle from a TV show or movie that has been duplicated by fans more than the Staff Jeeps from Jurassic Park. Which is no great surprise: not only do they look cool, but it’s a relatively easy build. A decent paint job and some stickers will turn a stock Wrangler into a “JP Jeep” that John Hammond himself would be proud of.

While no less iconic, there are far fewer DIY builds of the highly customized Ford Explorer “Tour Vehicles”. As a rather large stretch of the film takes place within them, the interiors were much more detailed and bears little resemblance to the stock Explorer. Building a truly screen accurate Jurassic Park Tour Vehicle was considered so difficult that nobody has pulled it off since the movie came out in 1993. That is until [Brock Afentul] of PropCulture decided to take on the challenge.

In an epic journey spanning five years, [Brock] has created what he believes is the most accurate Jurassic Park Tour Vehicle ever produced; and looking at the side by side shots he’s done comparing his Explorer to the ones from the movie, it’s hard to disagree. A massive amount of work went into the interior, leaving essentially nothing untouched. While previous builds have tried to modify the stock dashboard to look like the one from the movie, he built a completely new dash from MDF and foam and coated it in fiberglass. The center console featuring the large display was also faithfully reproduced from the movie, and runs screen accurate animations, maps, and tour information. The seats also had to be replaced, multiple times in fact, as he had a considerable amount of trouble getting somebody to upholster them to his standards.

But perhaps the most difficult component of all was the clear acrylic roof bubble. These were critical to filming the movie, as they not only let the viewer see down into the Tour Vehicles but also let the characters see out during the iconic tyrannosaurus attack. But because the roof bubble was created only for the movie and never existed as a real aftermarket product, it usually gets ignored in Tour Vehicle builds. It’s simply too difficult to produce for most people. The omission of the bubble was always considered a case of artistic license; in the same way nobody expects a replica DeLorean from Back to the Future to actually fly or travel through time.

But [Brock] wanted to take his Tour Vehicle all the way, so he partnered up with a local glass shop that let him rent time in their oven so he could heat up acrylic sheets. Once heated to the appropriate temperature, they could be removed and wrapped around a mold to make the bubble. The process took weeks to perfect, but in the end he and a few friends got the hang of it and were able to produce a gorgeous roof bubble that they fitted to the already very impressive Explorer.

While previous Jurassic Park Tour Vehicle replicas were unquestionably awesome, this build really does take it to the next level. Short of equipping the garage with a movie-accurate super computer, it’s hard to see how the bar can get any higher.

34C3: Using Your Car As Video Game Controller

Despite the presence of human drivers, modern cars are controlled by computers. In his talk at the Chaos Communication Congress [Guillaume Heilles] and [P1kachu] demonstrate the potential of taking control of a car’s computer. This of course leads to the natural conclusion of emulate an Xbox controller and using the car to play computer games.

His research was limited by the fact that the only cars they had access to were the daily drivers of different members of [P1kachu]’s family, which meant that all tinkering had to be strictly non-destructive. Despite this, they achieved impressive results and deliver a great introduction into reverse engineering.

[P1kachu] used a RasPi and an OBD-II adapter to access the car’s CAN bus and begins the presentation with a quick overview of the protocol. He then briefly touches on security measures that he ran into, which are optional and their implementation varies widely between manufacturers. His first attempt to access the CAN bus was successfully blocked by a challenge-response algorithm doing its work. His mother’s convertible however provided no such obstacles and gaining access allowed him to map the position of the steering wheel and pedals to a game controller, using the car to play video games.

After this, [Guillaume] steps in and walks us through the teardown of a gadget that plugs into the OBD-II port and claims to do amazing things for your car’s mileage by reprogramming the ECU. The device was not brand specific and after having seen the variations in the ways different manufacturers implement the protocol, [Guillaume] and [P1kachu] doubted that the gadget was capable of even holding the information required to modify every known implementation out there. Listening to the output of the device, along with a quick analysis of the circuit followed by decapping the single chip they found, showed that their doubt was justified. The lecture closes with an extended Q&A that adds more information on car hacking. Those that don’t have access to a car can instead tear down hot glue guns, doppler modules or antique calculators.

Continue reading “34C3: Using Your Car As Video Game Controller”

Blackberry Eyes Up Car Anti-Virus Market

[Reuters] reports that BlackBerry is working with at least two car manufacturers to develop a remote malware scanner for vehicles, On finding something wrong the program would then tell drivers to pull over if they were in critical danger.

The service would be able to install over-the-air patches to idle cars and is in testing phase by Aston Martin and Range Rover. The service could be active as early as next year, making BlackBerry around $10 a month per vehicle.

Since the demise of BlackBerry in the mobile phone sector, they’ve been hard at work refocusing their attention on new emerging markets. Cars are already rolling computers, and now they’re becoming more and more networked with Bluetooth and Internet connections. This obviously leaves cars open to new types of attacks as demonstrated by [Charlie Miller] and [Chris Valasek]’s hack that uncovered vulnerabilities in Jeeps and led to a U.S. recall of 1.4 million cars.

BlackBerry seem to be hedging their bets on becoming the Kingpin of vehicle anti-virus. But do our cars really belong on the Internet in the first place?

Car Security Experts Dump All Their Research And Vulnerabilities Online

[Charlie Miller] and [Chris Valasek] Have just released all their research including (but not limited to) how they hacked a Jeep Cherokee after the newest firmware updates which were rolled out in response to their Hacking of a Cherokee in 2015.

FCA, the Corp that owns Jeep had to recall 1.5 million Cherokee’s to deal with the 2015 hack, issuing them all a patch. However the patch wasn’t all that great it actually gave [Charlie] and [Chris] even more control of the car than they had in the first place once exploited. The papers they have released are a goldmine for anyone interesting in hacking or even just messing around with cars via the CAN bus. It goes on to chronicle multiple hacks, from changing the speedometer to remotely controlling a car through CAN message injection. And this release isn’t limited to Jeep. The research covers a massive amount of topics on a number of different cars and models so if you want to do play around with your car this is the car hacking bible you have been waiting for.

Jeep are not too happy about the whole situation. The dump includes a lot of background for vehicles by multiple manufactureres. But the 2015 hack was prominent and has step by step instructions. Their statement on the matter is below.

Under no circumstances does FCA condone or believe it’s appropriate to disclose ‘how-to information’ that would potentially encourage, or help enable hackers to gain unauthorized and unlawful access to vehicle systems.

We anticipate seeing an increasing number of security related releases and buzz as summer approaches. It is, after all, Network Security Theatre season.