How to Defend Cars

Presented at Still Hacking Anyway (SHA2017), Aug. 5, 2017, 4:10 p.m. (60 minutes)

For a long time automobile manufacturers designed their cars as closed systems with no security in mind. Recently security researchers have demonstrated how vulnerable vehicles are to cyber-attacks. Once compromised the vehicle is at the mercy of the hackers: by remotely taking over control of the car, they can perform dramatic actions with severe safety-related consequences for the passengers. This issue comes from the design of automobiles and the communication protocols they use. To function properly a vehicle makes use of different computers called “Electronic Control Units” (ECU) to perform various operations such as breaking or steering. Connected all together on the in-vehicle networks, the ECUs communicate with each other using simple protocols involving no security features, assuming the legitimacy and the trustworthiness of their peers. The lack of security mechanisms makes it difficult to guarantee the confidentiality, integrity and availability of automotive systems. Moreover the complexity of the situation increases with the rise of connected vehicles, communicating with each other (Vehicle-2-Vehicle communications, V2V) and with the infrastructure (Vehicle-2-Infrastructure communications, V2I). #PhysicalSecurity #DeviceSecurity #NetworkSecurity #IoT To address these challenges we are looking at Intrusion Detection Systems (IDS) to secure car communications: not only on the in-vehicle networks but also Vehicle-2-Everything (V2X) communications. In this presentation we will first cover the in-vehicle specificities and how to protect the internal car network. We will discuss together the following topics: • Security in Cyber Physical Systems • From computer networks to automotive networks • Understanding Controller Area Network (CAN) • Defending the car: Message Authentication Code and IDS • In-vehicle network IDS - State of the art The second part of the talk will be focused on V2X communication. More specifically we will address the following aspects: • Architectures • Communication types (e.g. V2V, V2I and I2V) • Communication schemes • Type of data to be transmitted • Security mechanisms and existing IDS techniques

Presenters:

  • Alexios Lekidis
    I am a Senior Researcher at SecurityMatters and Research Associate (post-doc) at the Security Group of the Eindhoven University of Technology. My work focuses on model-based design and development techniques for performance evaluation, rapid prototyping and network monitoring in real-time embedded, distributed and automatic control systems. I hold a PhD in Applied Mathematics / Computer Science from the University of Grenoble. Contact me at a.lekidis@tue.nl.
  • Guillaume Dupont
    PhD candidate in Automotive Security, focusing on intrusion detection for in-vehicle networks. Previously I have been working as IT security consultant. My fields of interest are: pentesting, IoT, reverse engineering and threat intelligence. tbd

Links:

Similar Presentations: