3 minute read
Is it time for an upgrade?
Find out if you are entitled to upgrade your membership status with the IMI and get the recognition and opportunities you deserve
IMI members are accorded professional recognition based on skills and experience. It may be time for you to upgrade and be fully recognised for your expertise!
Have you completed a qualification since becoming a member and gained additional experience?
Are you interested in even more discounts and benefits you receive with IMI membership?
All it takes is for you to get in touch with the team to answer 4 quick and easy questions to potentially upgrade your member status. Be recognised for your experience and expertise with the IMI. Our purpose is your success.
Upgrade My Membership
Have your skills and experience changed? Tell us about changes to your job role and add any new courses to your account, you may qualify for an upgrade to your status. Login to IMI Connect or call the team now to discuss membership upgrades on 01992 519 025 or send an email to hello@theimi.org.uk
Keep connected vehicles safe from hackers
Because of the API’s role, they are the main focus for attack. BMW recently announced it would sell access to heated seats via software. The signal to switch on this feature, as well as other things, is sent over the air then via an API on the vehicle. I’m sure some people are already trying to hack it! Many layers of defence need to be used on a vehicle. Ford calls it ‘Defensive Depth’, but there’s always a balance required between ease of access and overall security. One example of a simple security feature could be that if a vehicle unlock request is received from a phone app, a geographic check could show if the request was local. This is the most likely scenario, but it could be genuine even if from another country, hence the balance required between security and ease of use for the owner.
Hacked off
The interconnectivity of current and future vehicles makes them potential targets for attack. Connectivity opens vehicle systems to the dark side of the internet, forcing automakers to develop strategies to ensure they don’t join the litany of corporations hit by hacking attacks. The Society of Automotive Engineers has produced Recommended Practice J3061, the Cybersecurity
Attack vectors, methods and consequences
Vector Methods
On-Board Diagnostics DLC
Wi-Fi
Custom software connected to the port
Using a ‘packet sniffer’ is a common way to attack Wi-Fi
Cellular network
Mobile apps
Example consequences
Engine stopped and brakes disabled
Disabling of the car alarm
Internet
Infotainment system hack
Many vehicles already have apps that can be modified
‘Normal’ hacking methods in which ransomware such as WannaCry is implanted
Electric charging points
Connection plug or wirelessly
Brakes disabled
Locks, lights or sunroof activated while driving
Factory production stopped and user details stolen from data centres
ID card numbers stolen and funds redirected many of the benefits of internet access, but they also bring security issues including the threat of dangerous cyberattacks.
Guidebook for
CyberPhysical Vehicle Systems
As more vehicle systems connect to the outside world, more opportunities open up to hackers. Manufacturers are working hard to reduce the chances of this happening and are helped by what can be described as ethical hackers. Connected vehicles bring
What increased cybersecurity means for you
Manufacturers may require you to be qualified or licensed to practice in the area of connectivity and cybersecurity with respect to your business and the vehicles you work on. In due time there will be short courses presented by the IMI’s network of authorised centres, together with associated qualifications. A code of practice is also likely to be introduced. This is why the IMI team and a Sector Advisory Group are starting the process of creating a Connected and Cybersecurity option for IMI TechSafe, in the same way that already exists for EVs and ADAS.
Find out more about IMI TechSafe® and make sure your skills are up to date
Electronic data communication or storage of any sort is inherently vulnerable to attack, particularly when wireless. Technical solutions are available, but if not implemented properly, they are worthless – just like using ‘pa55word’ as your password!
Technicians and workshop managers/owners entrusted with customer data will need to follow all the relevant guidelines carefully, otherwise the more connected automotive becomes, the more trouble we could find ourselves in.
