Miller and industry analysts have said that patching security holes and building firewalls to stop cyber attacks is the wrong strategy and is ultimately futile.
"I don't think there's a way to you can make a really secure way for computers to communicate," Miller said. Hacking a network firewall simply takes time and perseverance.
Instead, Miller said automakers must build computer systems that recognize when a security breach has occurred in order to stop any damage.
The CAN bus is very simple and the messages on it are very predictable, Miller said. "When I start sending messages to cause attacks and physical issues, those messages stand out very plainly. It would be very easy for car companies to build a device or build something into existing software that can detect CAN messages we sent and not listen to them or take some sort of action," he said.
Sens. Edward Markey (D-Mass.) and Richard Blumenthal (D-Conn.) filed legislation this week that would require the federal government to establish standards to ensure that automakers secure a driver against vehicle cyber attacks.
Among other things, the Security and Privacy in Your Car (SPY Car) Act calls for vehicles to be equipped with technology that can detect, report and stop hacking attempts in real time.
Sign up for CIO Asia eNewsletters.