Previous research has shown that an attacker can execute remote code on the electronic control units (ECU) in automotive vehicles via interfaces such as Bluetooth and the telematics unit: http://www.autosec.org/pubs/cars-usenixsec2011.pdf.
This paper expands on the topic and describes how an attacker can influence a vehicle’s behavior. It includes examples of mission critical controls, such as steering, braking, and acceleration, being manipulated using Controller Area Network (CAN) messages.
All of the technical information needed to reproduce and understand these issues described in this work, including source code, data samples, hardware descriptions, and methodology, are available here.