The automotive industry is currently working with the ISO and SAE standardization bodies to make a standard for automotive cyber security, expected to be released in 2020. After all, simply putting sometimes numerous wireless connectivity devices (e.g., GSM/3G/LTE, bluetooth, tire pressure sensors, ...) into a vehicle has again and again turned out to be a playground for attackers, and can haunt both customers and manufacturers in the long run.
This talk will give an overview of the key elements in the draft, and how they play together to minimize the risk of getting pwned while driving 250 km/h on the Autobahn. I will focus on the technical mechanisms as the point-of-view, and how they are usually embodied in a modern car. This will include signed software updates, authenticated CAN bus messages and secure gateways, just to name a few.
Martin Schmiedecker works as a security consultant during the day, teaches lectures at TU Wien on security & privacy by night. Court certified expert witness, and member of @c3wien. @Fr333k on Twitter.
Thursday October 10, 2019 12:00 - 13:00 CEST
01. WestvleterenUniversity