cybersecurity in automotive networks
play

CYBERSECURITY IN AUTOMOTIVE NETWORKS A presentation by Sebastian - PowerPoint PPT Presentation

Oct 21, 2023 •42 likes •182 views

CYBERSECURITY IN AUTOMOTIVE NETWORKS A presentation by Sebastian Wilczek & Arnold Buntsma Supervisor: Colin Schappin RP #51 Context ECUs History New attack vectors 2 How many ECUs does it take to control a modern vehicle? 3

  1. CYBERSECURITY IN AUTOMOTIVE NETWORKS A presentation by Sebastian Wilczek & Arnold Buntsma Supervisor: Colin Schappin RP #51

  2. Context ● ECUs ● History ● New attack vectors 2

  3. How many ECUs does it take to control a modern vehicle? 3

  4. At least seventy! And up to 200. 4

  5. Research Questions Which automotive communication protocols are used in production, forming the ➔ state of practice? What features are built into the protocols utilised in the automotive industry to ➔ provide security? What extensions can introduce security to the protocols? ➔ How do these extensions compare in terms of security, according to the CIA ➔ triad? 5

  6. Related Work Network Standards ➔ Different protocols for vehicle networks Thomas Nolte et al. & Navet et al. Attacks on Protocols ➔ Various attacks on different network types Nilsson et al. & Miller and Valasek Proposed Extension ➔ Introduction of Security Cros and Chênevert & Kurachi et al. 6

  7. Protocols ● CAN ● LIN ● FlexRay ● Ethernet ● MOST 7

  8. Extensions Authentication and Payload CaCAN (Kurachi, R. et al.) ➔ 8 bits for authentication 56 bits for payload Hash Auth CAN (Cros, O. and Chênevert, G) ➔ 24 bits for authentication 40 bits for payload or not CAN-compliant Hash Auth FlexRay ➔ 28 bits for authentication 228 bits for payload 8

  9. Our experiments Simulated in software CANoe ● CAN & FlexRay ● Programmable ECUs ● Hardware experiment (CAN) Arduino Microcontrollers ● CAN Bus ● CAN Shields ● 9

  10. CIA Security CAN CaCAN HashAuth FlexRay FR HashAuth Confidentiality - - - - - - - - - - Integrity + - (CRC) + (8-bit) + + (24-bit) + - (CRC) + + (28-bit) Availability - - - - - + + - 10

  11. 11

  12. Conclusion CAN and FlexRay ➔ Most used in industry Only basic integrity checks ➔ Protocols not designed with security in mind Many proposals for CAN, none ➔ for FlexRay Most behave similar Introduce Authenticity, ➔ Performance impact Change in CIA 12

  13. Discussion Real life ECUs ➔ Only tested on Arduinos Software optimization ➔ Different hashing algorithms Number of extension ➔ Scoped to two proposals FlexRay hardware ➔ Using software only 13

  14. Future Work ● Automotive Ethernet ● Proposals for FlexRay ● ECU Measurements ● Ethical Discussion 14

Recommend

NHTSA and Automotive Cybersecurity Briefing to the Information Security and Privacy Advisory

NHTSA and Automotive Cybersecurity Briefing to the Information Security and Privacy Advisory

National Highway Traffic Safety Administration NHTSA and Automotive Cybersecurity Briefing to the Information Security and Privacy Advisory Board October 2015 The Need for Cybersecurity Research 32,719 people died due to motor vehicle

556 views • 17 slides
Automotive Requirements for Future Mobile Networks Andreas Kwoczek Head of Positioning and

Automotive Requirements for Future Mobile Networks Andreas Kwoczek Head of Positioning and

Automotive Requirements for Future Mobile Networks Andreas Kwoczek Head of Positioning and Communication, Volkswagen Group Research January, 21 st 2016 Automotive Requirements for Future Mobile Networks Motivation Customer Expectation Expected

331 views • 9 slides
ITU Mandate and Activities ITU Mandate and Activities Related to Cybersecurity Cybersecurity

ITU Mandate and Activities ITU Mandate and Activities Related to Cybersecurity Cybersecurity

ITU Mandate and Activities ITU Mandate and Activities Related to Cybersecurity Cybersecurity Related to Subregional Seminar on Cybersecurity for Information and Communication Networks 21 June 2005 Lima, Peru Christine Sund Christine Sund

921 views • 48 slides
U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity cybersecurity? William J. Perry Martin Casado Keith Coleman Dan Wendlandt MS&E 91SI Spring 2004 Stanford University U.S. National Cybersecurity

79 views • 7 slides
Survey on Security Threats and Protection Mechanisms in Embedded Automotive Networks Ivan

Survey on Security Threats and Protection Mechanisms in Embedded Automotive Networks Ivan

The Automotive Network Threats Protection mechanisms Conclusion Survey on Security Threats and Protection Mechanisms in Embedded Automotive Networks Ivan Studnia Vincent Nicomette Eric Alata Yves Deswarte Mohamed Ka aniche Renault

752 views • 40 slides
PROFILING AND OPTIMIZATION OF DEEP NEURAL NETWORKS FOR EMBEDDED AUTOMOTIVE APPLICATIONS Loc

PROFILING AND OPTIMIZATION OF DEEP NEURAL NETWORKS FOR EMBEDDED AUTOMOTIVE APPLICATIONS Loc

PROFILING AND OPTIMIZATION OF DEEP NEURAL NETWORKS FOR EMBEDDED AUTOMOTIVE APPLICATIONS Loc CORDONE , Eric PERRAUD and Jean-Marc GABRIEL Renault Software Labs, Toulouse and Sophia-Antipolis 01/2020 1 1 INTRODUCTION 2 SCOPE OF THE STUDY 3

878 views • 32 slides
Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives: Define Cybersecurity & why its important Provide information about Dept. Homeland Security Cybersecurity Campaigns: National

328 views • 22 slides
Cybersecurity for Future Presidents USENIX Enigma Conference website:

Cybersecurity for Future Presidents USENIX Enigma Conference website:

Cybersecurity events from the past week (or 2) of interest to future (or current) Presidents: NSA Tailored Access Operations (TAO) chief gives public talk on how NSA breaks into networks (1/25/2016):

273 views • 4 slides
Cybersecurity Distributed processing and ubiquitous high-speed networks empower a vision for

Cybersecurity Distributed processing and ubiquitous high-speed networks empower a vision for

Cybersecurity Distributed processing and ubiquitous high-speed networks empower a vision for instant access to any information, anywhere, at any time. How will we protect privacy, property and system integrity of digital everything?

509 views • 12 slides
KEY BENEFITS sustainability put the automotive industry under WHEN USING OUR pressure to develop

KEY BENEFITS sustainability put the automotive industry under WHEN USING OUR pressure to develop

Twaron drives Automotive hoses and belts AUTOMOTIVE DEVELOPMENTS Manufacturers in the automotive industry are constantly looking for ways to maintain their competitiveness by getting innovative products to market fast. Safety issues, performance

772 views • 18 slides
VulCAN: Efficient Component Authentication and Software Isolation for Automotive Control Networks

VulCAN: Efficient Component Authentication and Software Isolation for Automotive Control Networks

VulCAN: Efficient Component Authentication and Software Isolation for Automotive Control Networks Jo Van Bulck, Jan Tobias Mhlberg and Frank Piessens jo.vanbulck|jantobias.muehlberg@cs.kuleuven.be imec-DistriNet, KU Leuven, Celestijnenlaan

654 views • 28 slides
Cybersecurity & HIPAA: Protecting Your Organization PETE SEEBER CHRIS RAFFORD Rocus

Cybersecurity & HIPAA: Protecting Your Organization PETE SEEBER CHRIS RAFFORD Rocus

Cybersecurity & HIPAA: Protecting Your Organization PETE SEEBER CHRIS RAFFORD Rocus Networks The Single-Source Cybersecurity Provider for the SMB Pete Seeber Founder & CEO Chris Rafford Cybersecurity Strategist Before we begin

552 views • 30 slides
A QoS Aware Approach to Service-Oriented Communication in Future Automotive Networks Mehmet C

A QoS Aware Approach to Service-Oriented Communication in Future Automotive Networks Mehmet C

A QoS Aware Approach to Service-Oriented Communication in Future Automotive Networks Mehmet C akir , Timo H ackel, Sandra Reider, Philipp Meyer, Franz Korf and Thomas C. Schmidt 4 December 6 December 2019, Los Angeles, California 2019

541 views • 43 slides
Cybersecurity A presentation to the National Association of Black Accountants Cleveland

Cybersecurity A presentation to the National Association of Black Accountants Cleveland

Cybersecurity A presentation to the National Association of Black Accountants Cleveland Chapter Contents Cybersecurity and risk management 1 Cybersecurity and the regulatory 2 environment Cybersecurity and the audit 3 4 Appendix

685 views • 37 slides
Smart Networks III Cybersecurity Panel Verizon Perspective Ernie Hayden CISSP CEH Managing

Smart Networks III Cybersecurity Panel Verizon Perspective Ernie Hayden CISSP CEH Managing

Smart Networks III Cybersecurity Panel Verizon Perspective Ernie Hayden CISSP CEH Managing Principal Energy Security Global Energy & Utility Practice ernest.hayden@verizonbusiness.com Confidential and proprietary material for

188 views • 4 slides
Safety in the Cloud An Introduction to Cybersecurity Frank Chen | Spring 2017 Agenda

Safety in the Cloud An Introduction to Cybersecurity Frank Chen | Spring 2017 Agenda

CS 88S Safety in the Cloud An Introduction to Cybersecurity Frank Chen | Spring 2017 Agenda Introductions Icebreaker Activity Administrative Myths & Realities Computers, Networks, Paradigms of Cybersecurity Frank Chen |

1.05k views • 50 slides
KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing

KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing

7/17/2020 KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing Attacks Malware/Ransomware Hacking Imposter Scams 1 7/17/2020 KACo Cybersecurity Training BEWARE OF Phishing Phishing attacks

248 views • 6 slides
Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright CyberSecurity Scholar 4 September 2019 James Davenport Formal Methods and CyberSecurity CyberSecurity CyberSecurity failures abound: tens daily in the

212 views • 19 slides
Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright CyberSecurity Scholar 4 September 2018 James Davenport Formal Methods and CyberSecurity CyberSecurity CyberSecurity failures abound: tens daily in the

325 views • 18 slides
Being Strategic about Cybersecurity Regional Cybersecurity Forum, 29-30 Nov 2016, Grand Hotel

Being Strategic about Cybersecurity Regional Cybersecurity Forum, 29-30 Nov 2016, Grand Hotel

Being Strategic about Cybersecurity Regional Cybersecurity Forum, 29-30 Nov 2016, Grand Hotel Sofia, Bulgaria Mr. Joaqun Castelln , Operational Director Spanish National Security Department Ms. Anita TIKOS , Desk Officer for International

197 views • 15 slides
EU in action about cybersecurity NIS Directive 5G Cybersecurity Act GDPR Contractual ISACs

EU in action about cybersecurity NIS Directive 5G Cybersecurity Act GDPR Contractual ISACs

EU Cybersecurity European policy overview e-IRG e-IRG 4 December 2019 Brussels Anni Hellman, Senior Expert, Permanent Representation of Finland to the European Union Seconded for the Finnish Presidency from the Directorate General

320 views • 28 slides
Cybersecurity Today CYBERSECURITY IN TODAYS WORLD Cyberattacks in Wyoming Medical

Cybersecurity Today CYBERSECURITY IN TODAYS WORLD Cyberattacks in Wyoming Medical

Cybersecurity Today CYBERSECURITY IN TODAYS WORLD Cyberattacks in Wyoming Medical Facilities Local Government Schools Law Enforcement Media Outlets The threat and how to think about it Ransomware has rapidly emerged as the most

398 views • 15 slides
INTRODUCTION Institute 12/10/2018 1 OBJECTIVES Current cybersecurity statistics and

INTRODUCTION Institute 12/10/2018 1 OBJECTIVES Current cybersecurity statistics and

Section 1 Dr. Bruce Burton California Cybersecurity INTRODUCTION Institute 12/10/2018 1 OBJECTIVES Current cybersecurity statistics and implications Learn from past attacks Understand the NIST Cybersecurity Framework (CSF) &

368 views • 33 slides
MAYASEVENs Hacking Diary Who are we? Nop Phoomthaisong MAYASEVEN Team Cybersecurity

MAYASEVENs Hacking Diary Who are we? Nop Phoomthaisong MAYASEVEN Team Cybersecurity

MAYASEVENs Hacking Diary Who are we? Nop Phoomthaisong MAYASEVEN Team Cybersecurity Consultants, The Cybersecurity Expert Guys Cybersecurity Researcher 2 Agenda 1. Account Takeover via Forgot Password Function 2. Amazon S3

2.36k views • 75 slides

More recommend