PASTA: Portable Automotive Security Testbed with Adaptability

Presented at Black Hat Asia 2019, March 28, 2019, 10:15 a.m. (61 minutes).

<span>For accelerating the development of sophisticated driving-assist technologies such as automated driving, securing vehicles against cyberattacks is challenging. To promote the development of security-measurement methods, a company's electronic control unit (ECU) places tough restrictions on security analysis. In such circumstances, we need an environment that includes transparent ECUs with high adaptability. Ideally, anyone will be able to apply technology and evaluate that technology with ECUs. Simulating an actual vehicle through hardware is also required for assessing threats of cyberattacks. We need not only to provide an adaptable platform for developing measures for existing cybersecurity but also simulate any function in actual vehicles using white-box ECUs. In addition, to easily demonstrate and evaluate the applied security technique, it is important to make the environment portable. Considering these requirements, we propose the portable automotive security testbed with adaptability (</span><span>PASTA</span><span>), and give an example for evaluating it for proof of concept. </span><span>PASTA</span><span> has the possibility to contribute to a comprehensive development platform against vehicle cyberattacks.</span>

Presenters:

  • Tsuyoshi Toyama - Senior Researcher, Toyota InfoTechnology Center
    Tsuyoshi Toyama acquired his Ph.D in information science at Yokohama National University Graduate School in 2012. At the university, he studied information security as the main theme. After obtaining his Ph.D, he joined the TOYOTA InfoTechnology Center in 2013 after undergoing research work at a university for one year. Current hot topics such as Connected Car and Autonomous Vehicle in the automotive industry bring high convenience to users; however, there is a posibility that the threats of Cyber Security are potentially hidden in any of them. He is not only working on existing threats, but also tackling future threats. His research products also have a possibility to be effective educational tools.
  • Takuya Yoshida - Principal Rearcher, Toyota InfoTechnology Center
    Takuya Yoshida received a Doctor of Engineering in information security from Tokyo Institute of Technology in 2002. In 2002 he joined Toshiba, where he was engaged in research on cryptographic algorithms and security of IT systems, such as contents protection and authentication. He is an author of forty-five registered patents in Japan and other countries. In 2018 he joined Toyota InfoTechnology Center. He is currently a principal researcher of cybersecurity group in solution research division. His current research interests include cybersecurity technologies related to vehicular system.
  • Hisashi Oguma - Group Leader, Toyota InfoTechnology Center
    Hisashi Oguma received the B.E., M.E., and Ph.D. degrees in computer science from the University of Electro-Communications, Tokyo, Japan in 1997, 1999, and 2002 respectively. In 2002 he joined NTT DoCoMo, Inc., Kanagawa, Japan, where he was engaged in research on ubiquitous services using sensor networks and mobile terminal security. In 2007 he joined Toyota InfoTechnology Center Co., Ltd., Tokyo, Japan. He is currently a group leader of cybersecurity group in solution research division. His current research interests include cybersecurity technologies related to vehicular system. He is a member of IPSJ.
  • Tsutomu Matsumoto - Professor, Yokohama National University
    Tsutomu Matsumoto is a professor of Faculty of Environment and Information Sciences at Yokohama National University and directs the Research Unit for Information and Physical Security at the Institute of Advanced Sciences. He received Doctor of Engineering from the University of Tokyo in 1986. Starting from Cryptography in the early 80's, he has opened up the field of security measuring for logical and physical security mechanisms. Currently he is interested in research and education of Embedded Security Systems such as IoT Devices, Network Appliances, Mobile Terminals, In-vehicle Networks, Biometrics, Artifact-metrics, and Instrumentation Security. He is serving as the chair of the IEICE Technical Committee on Hardware Security, the Japanese National Body for ISO/TC68 (Financial Services), and the Cryptography Research and Evaluation Committees (CRYPTREC) and as an associate member of the Science Council of Japan (SCJ). He was a director of the International Association for Cryptologic Research (IACR) and the chair of the IEICE Technical Committee on Information Security. He received the IEICE Achievement Award, the DoCoMo Mobile Science Award, the Culture of Information Security Award, the MEXT Prize for Science and Technology, and the Fuji Sankei Business Eye Award.

Links:

Similar Presentations: