Владимир Махитко - automotive security. new challenges
TRANSCRIPT
Automotive securityNew challenges
I am Volodymyr MakhitkoSoftware Engineer GlobalLogic
Automotive security is a ecosystem
Automotive ecosystem
Vehicle attack surface
Common ways of hacking
◉ hardware hacking◉ wireless hacking◉ network hacking◉ browser hacking
◉ linux/qnx hacking◉ binary reverse engineering◉ protocol reverse engineering◉ custom tool development
Video examples
Vehicle attack surface
CAN bus frame
OBD pinout example
CAN tools
● apt-get install can-utils● configure can interface● # candump -cae can0,0:0,#FFFFFFFF
Keep car in diagnostic state
Mazda CAN ID
TPMS Attack
● track vehicle● trigger events● spoofing
Vehicle attack surface
Intrusion detection & Snort
Attacks classification
● backdoor● bad-traffic● botnet-cnc● content-replace● ddos● exploit
● file-identify● ftp● icmp● multimedia● mysql● scan
● telnet● virus● voip● tftp● web-attacks
IDS & enterprise network topology
IDS & enterprise network topology
Bad & Good Automotive Architecture
THANKS!