> Most of the time the Gateway module has a static firewall - basically fixed routing tables so only modules that need to will be allowed to talk to each other.
This was exactly my thought. If the headlights, and any other easily access CAN bus wiring, were properly isolated from critical security ECUs via a properly configured gateway, this attack would be impossible.
I don't think that segmenting CAN wiring is a good solution to this problem. The Powertrain CAN will always be accessible externally for some definition of "externally" (on older GM cars it ran across the bottom of the car to reach the transmission, for example), and even a separate "immobilizer" CAN would probably be accessible somewhere.
The solution, as implemented by many automakers already, is just to authenticate immobilizer messages. It works, and there's not a great excuse for not doing this in 2023.
This was exactly my thought. If the headlights, and any other easily access CAN bus wiring, were properly isolated from critical security ECUs via a properly configured gateway, this attack would be impossible.