Motor Vehicle Defect Petition; Denial

Denial of Motor Vehicle Defect Petition

SUPPLEMENTARY INFORMATION:

Introduction

Interested persons may petition NHTSA requesting that the Agency initiate an investigation to determine whether a motor vehicle or an item of replacement equipment does not comply with an applicable motor vehicle safety standard or contains a defect that relates to motor vehicle safety. 49 U.S.C. 30162; 49 CFR 552.1. Upon receipt of a properly filed petition, the Agency conducts a technical review of the petition, material submitted with the petition, and any additional information. 49 U.S.C. 30162(c); 49 CFR 552.6. The technical review may consist solely of a review of information already in the possession of the Agency or it may include the collection of information from the motor vehicle manufacturer or other sources. After conducting the technical review and considering appropriate factors, which may include, but are not limited to, allocation of Agency resources, Agency priorities, and the likelihood of success in litigation that might arise from a determination of noncompliance or a defect related to motor vehicle safety, the Agency will grant or deny the petition. See 49 U.S.C. 30162(d); 49 CFR 552.8.

Background Information

In a letter dated June 7, 2023, Kimberlyn Hearns (the petitioner) submitted a petition attributing electrical malfunctions of his 2019 Toyota Yaris (subject vehicle) to remote attacks by unknown parties targeted on the subject vehicle's Controller Area Network (CAN bus). ⁽¹⁾ The petitioner requested an Agency investigation of the susceptibility of the subject vehicle to the alleged attacks and for assistance securing a full refund of the vehicle price. Over four total submissions from the June 7, 2023 petition to August 2, 2023, the petitioner supported his request with a chronology of events detailing the vehicle fault, service history, and a listing of published cybersecurity articles. In addition, before filing the petition, the petitioner sent three pieces of related correspondence to the Agency from late December 2022 to February 2023.

NHTSA has based its decision on a review of the material cited by the petitioner in his petition, information submitted by Toyota in response to the Agency's request, and other pertinent information in NHTSA's databases. Staff from NHTSA's Vehicle Research and Test Center (VRTC) supported the review at all stages.

Subject Vehicle History

The subject vehicle is a Model Year (MY) 2019 Toyota Yaris LE equipped with a 1.5L I4 gasoline engine. According to a vehicle history report, the subject vehicle has only been owned by one person (the petitioner), started receiving service in August of 2019, and has not experienced any reported collisions or damage. The vehicle history report indicated regular servicing of the subject vehicle by the Toyota dealership that sold it to the petitioner, with no atypical problems evident through June of 2022 and after approximately 40,000 miles of service. During this time, the subject vehicle received remedies related to two Toyota field campaigns: Service Campaign 20TC03  ⁽²⁾ (performed September 2020) and Safety Recall 21V617  ⁽³⁾ (performed January 2022).

In mid-November of 2022, with 46,136 miles of service, ⁽⁴⁾ the petitioner reported hearing three beeps while driving at low speed, accompanied by engine shut down. After a delay, the petitioner was able to restart the vehicle, but a Check Engine Light (CEL) remained illuminated. The petitioner's dealer diagnosed the problem as a bad battery and installed a replacement battery.

Over the ensuing two weeks, and approximately 700 miles, the petitioner reported several instances of engine power loss, malfunctioning indicator lights, and a head unit delayed start malfunction, leading to service at a different Toyota dealer in early December 2022. That dealer's invoice reported that no problem had been identified after several service checks, inspection of the ECU wiring, and after approximately 30 miles of test driving over a two-day period. At the time of its release from this dealership, the invoice reported that the subject vehicle had an odometer reading of 47,009 miles. Toyota reported that the dealership had also contacted its Technical Assistance Center for further guidance.

The vehicle history report indicates that the subject vehicle traveled only 44 miles over the following three months, returning to its regular servicing dealership in late March 2023, about a week after another report from the petitioner of flashing warning lights and repeated horn activation while the petitioner was inside his house. The petitioner reported that this mid-March incident coincided with a suspicious vehicle driving by his house. The petitioner also stated that in late March, a service visit to his regular servicing dealership included the removal of an aftermarket vehicle security system manufactured by Rockledge Securities. ⁽⁵⁾

No further service records from Toyota or the vehicle history report appear after March 27, 2023. The petitioner reported eleven instances of continued malfunctions from March 30 through June 3, 2023 related to horn activation, inoperative key-fob, no-start condition, and fuel gauge inaccuracies. The petitioner also reported that two of these malfunctions coincided with suspicious vehicles driving by his house. The petitioner then began documenting various additional events, including a no-start condition followed by a jump-start, inaccurate/slowly responding fuel gauge, intermittent CEL, "nearly unreadable" instrument cluster, an inability to turn off the engine, and inoperative fan, wipers, and signals. Petitioner also cited attempts to maintain the battery state of charge by idling the subject vehicle in his driveway. At the time of the petitioner's last contact with NHTSA in August 2023, the petitioner reported that his subject vehicle was unusable, despite efforts to maintain the charge of its battery.

Subject Vehicle Connectivity

Although the petitioner asserts that his vehicle is under remote electronic attack, and stipulates that the subject vehicle is not defective; the Agency is still treating the submitted document as a part of a defect petition as initially requested. ⁽⁶⁾ The Agency requested that Toyota describe the subject vehicle's CAN bus and connectivity to outside wireless data sources. In response to the Agency's request, Toyota stated:

• This vehicle is not equipped with a cellular communication module; therefore, it is not capable of communicating with a cellular network.
• This vehicle's multimedia system is capable of connecting a cellular phone to support hands-free features, such as hands-free calling and streaming audio from the phone.
• This vehicle does not have advanced connectivity features, such as Apple CarPlay or Android Auto.
• The multimedia system, which includes Bluetooth connectivity, operates on a local CAN bus network dedicated communication for the vehicle's multimedia system.

ODI Analysis

ODI reviewed complaint data and information in NHTSA's databases concerning all 2019 Toyota Yaris vehicles and identified no other cyberattack allegations similar to those reported by the petitioner. This body of information also did not show any potential trend of similar electrical or power loss symptoms regardless of reported cause.

The symptoms reported by the petitioner could not be duplicated by the Toyota dealer in three separate service visits and may have originated from any number of sources. Beyond these service visits, the effects of other influences such as the Rockledge aftermarket security system (including its installation and removal), and battery maintenance via external charger or driveway idling cannot be assessed at this time. Toyota has reported that difficulty communicating with the petitioner  ⁽⁷⁾ inhibits further efforts to inspect the vehicle. After assessing the material submitted by the petitioner, information submitted by Toyota in response to an Agency request regarding the petitioner's allegation, and other information in NHTSA's possession, NHTSA concludes that:

• Notwithstanding the conditions cited by the petitioner, the 2019 Toyota Yaris vehicle lacks the external cellular connectivity needed to make it vulnerable to remote cyberattacks.
• The subject vehicle's Bluetooth connectivity ability is limited to multimedia and hands-free communication.
• The Agency has uncovered no other evidence of related cyberattacks or similar symptoms in 2019 Toyota Yaris vehicles.

Accordingly, the Agency is denying the petition. As with all potential motor vehicle safety risks, NHTSA will continue to review any new information or incidents as they are submitted to the Agency.

Authority: 49 U.S.C. 30162(d) and 49 CFR part 552; delegation of authority at 49 CFR 1.95(a). ⁽⁸⁾

[FR Doc. 2024-27431 Filed 11-21-24; 8:45 am]

BILLING CODE P

⁽¹⁾  Modern automobiles (including the subject vehicle) contain multitudes of microcontrollers that communicate over a self-contained computer network known as a Controller Area Network.

⁽²⁾  20TC03 was a quality campaign meant to reprogram the Engine Control Module (ECM) software due to the software installed being intended for vehicles with a different engine configuration.

⁽³⁾  21V617 is a fuel pump recall meant to remedy a defective fuel pump by replacement.

⁽⁴⁾  Based on a contemporaneous service invoice.

⁽⁵⁾  The model, capabilities, and installer of this device are unknown. However, the Rockledge Securities website advertises several vehicle security devices that may be wired into the vehicle and identifies the subject vehicle sales servicing dealership as one of several affiliated dealerships.

⁽⁶⁾  Petitioner's letter to ODI dated February 28, 2023 states: "my opinion and belief is that my 2019 Toyota Yaris is not defective. It was remotely hacked."

⁽⁷⁾  The petitioner has insisted to the Agency and Toyota that only written communications are accepted and that he will refuse phone calls, emails, and in person visits.

⁽⁸⁾  The authority to determine whether to approve or deny defect petitions under 49 U.S.C. 30162(d) and 49 CFR part 552 has been further delegated to the Associate Administrator for Enforcement.