Eye On Electronics

Motor, Nov 2004 by Dale, Mike

Carmakers are taking increasingly complicated measures to protect the vehicle owner's investment. Understanding antitheft technology can save service time on vehicles.

If ever there was a work in progress, its automotive security systems. GM is already on its fourth-generation system since it first introduced VATS (Vehicle Anti-Theft System) in 1986. New antitheft systems from all of the major brands in the U.S., Japan and Europe seem to come under attack as soon as they're introduced.

Last year, almost $8 billion worth of cars were stolen in the U.S., and only 65% of them were recovered. Canada alone thinks that some of its 20,000 stolen vehicles were exported last year.

In the meantime, these systems have an enormous effect on the automotive service industry. You don't even have to have your vehicle stolen to be affected. Lose your keys? Recently, a Ford-owning friend forked over $108 to have a key and fob replaced. Own an expensive European make? Replacement of the key and the security computer could cost you thousands of dollars. Now there's yet a new generation of these systems on your doorstep.

Let's take a look at where we are and what's coming while we guess how long it will take the bad guys to circumvent this latest generation technology.

GMs antitheft systems have been out there the longest and are fairly representative of the types of antitheft systems used on other makes. Originally named VATS, this is a good example of a first-generation system. The key uses an embedded resistor. When the key is inserted into the lock, two fine wires contact the resistor. The VATS module measures this resistance and compares it to the stored value. If they match, the vehicle is allowed to start. If they don't, a delay of up to 10 minutes is required before another attempt can be made to start the car.

In 1996, VATS was superceded in favor of the Passlock system. This system works similarly to VATS, except the resistor has been moved into the ignition switch. The Passlock II system actually had two variants, but essentially was still a resistorbased system.

Passlock III, Passlock III and Ford's securilok system, among others, use transponder-based radio frequency identification (RFID) technology. At its most basic level, this is a wireless radio link used to identify objects or people.

When a transponder enters a read zone, its data is captured by the reader and then passed along to a computer or other logic controller for action. It's much the same as the technology that identifies a runner in a marathon, a vehicle passing through a tollbooth without having to slow down or the plastic card that lets you through the security gate at work.

For automotive applications, key-based immobilizer systems consist of four main components. The heart of the system is the transponder, which is a batteryless chip. To operate the chip, it has to be supplied power from an external source. The transceiver generates a high-frequency (134.2kHz) magnetic field, which radiates from an antenna coil. The energy activates the transponder, which sends a data stream in the form of an RF-modulated signal. This signal is demodulated by the transceiver and then passed to the controller for processing.

There are two different types of transponder systems-full-duplex and half-duplex. In a fullduplex system, tire energy for the transponder and the data signal generated by the transponder are transmitted at the same time. In a half-duplex system, they're sent separately. The transponder stores the energy it receives in a capacitor. As soon as the transmitter is turned off, the transponder uses that stored energy to transmit the data. The two types of systems have different effective ranges and cost factors, but the degree of security is die same.

There are some evildoers out there with the motivation to bypass both resistor-based and transponder-based systems. But among the legitimate bypassers are the makers of remote engine starting systems. A driver would be foolish to leave the key in the ignition. So at least for the amount of time needed to start a vehicle, the modules diese companies sell, along with the remote starter, bypass the antitheft systems.

The next generation of systems coming to market offer much higher levels of security. They use cryptographic techniques to ensure the codes cannot be stolen or bypassed.

The need for this type of security got its start with the garage door industry. Early garage door openers basically transmitted a unique ID code to make sure it was your garage door you opened and not your neighbors. As with any signal being broadcast, those people with the right equipment could receive the signal and record it. Later, when you're away, the signal could be re-sent, opening your home to would-be intruders. How much of this really went on is unknown, of course, but these "code grabbers" were widely talked about as a threat to home security.

The technology developed to defeat this possibility is called rotting code technology. The remote and the receiver keep internal counters that begin by being synchronized with each other. Each time the remote is used, the stored code number is increased by a specific amount. When the user pushes the button on the remote, the current value of the counter is transmitted, along with the fixed ID number. The door opens only if both numbers match.