Context-aware Automotive Intrusion Detection

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Context-aware Automotive Intrusion Detection"

Transcription

1 Context-aware Automotive Intrusion Detection Armin Wasicek 1 Mert D.Pesé 2, André Weimerskirch 2, Yelizaveta Burakova 2, Karan Singh 2 1 Technical University Vienna, Austria 2 University of Michigan ESCAR USA June 21, 2017

2 Motivation for Security Dominant motives of organizations for security: Avoiding and mitigating loss Avoiding negligence Enhancing strategic business values Security is the enabler of business models Armin Wasicek 2

3 Who is willing to pay for Security? Incentives for investment in security are lacking Making a strong business case for security is hard: Quantifying risk in a dynamic environment Rapidly changing, unpredictable threats Demonstrating consequences of attacks Who is willing to pay for security? Armin Wasicek 3

4 Vulnerability Black Market Zero-day exploits are a tradable asset Full disclosure to improve software is utopia New professionalism in security market Cost of exploit: $ 1k-5k (2k), good >10 month Realistically, we re selling cyberweaponry There is already a market for security! Armin Wasicek 4

5 Rising need for Security Automotive security requirements Cost effective Reusable Adaptive Cyber-Physical nature Security toolkit ECU security Secure On-board Comm. Perimeter security Intrusion detection Raise the bar to prevent (simple) attacks Armin Wasicek 5

6 What is Intrusion Detection? Gathers and analyzes information Identifies potential security breaches Intrusions Misuse/Fraud Reports to users Perimeter Users System IDS Sensor Armin Wasicek 6

7 Manipulation and Fault tolerance Triggering unsafe states will stop the system Manipulations are subtle Stay within safe states, but modified behavior Recognition and Recovery NTHSA: Misbehavior Detection [DOT HS ] Development of the processes, algorithms, reporting requirements, and data requirements for both local and global detection functions; Armin Wasicek 7

8 Types of IDS IDS S Knowledge-based IDS Patterns/Signatures of malicious activities Low false positive rate, needs frequent updates Heuristic-based IDS Look for abnormal behavior, e.g., higher entropy Detect new attack patterns Context-aware IDS Compare to reference model, include semantics Check against specifications and regulations Armin Wasicek 8

9 Automotive System Architecture On-board networks Segregation Malicious devices Eth Backbone Cloud ECU Switch GW Over-the-air Updates Environmental info. Board computer External communication Host-based IDS monitors ECU CPU & memory usage, syscalls, # processes, Network IDS monitors communication Message frequency, patterns, entropy, Identify anomalies and outliers Armin Wasicek 9

10 Chip tuning Modify control algorithm parameters in ECU Parameters are stored in a table in flash memory Reprogram ECU with new values Debug interface, 3 rd party device Messages emitted by ECU seem original! Armin Wasicek 10

11 Power boxing Improves low end torque. Plug-in installation in less than 30 minutes. Modify commands to ECU Replace the ECU in the communication system Insert device between the ECU and actuators Communication pattern does not change! Armin Wasicek 11

12 Cyber-Physical Attacks Automotive systems are Cyber-Physical Checking only cyber properties like CAN message frequency might miss important attack vectors IDS needs to target attack on the physical part Compare actual behavior to reference model enabling misbehavior detection Armin Wasicek 12

13 Automotive System Architecture Chip Tuning ECU RPM, torque Switch Backbone IDS GW Cloud Threat defense Over-the-air Updates Detect misbehavior Wheel speed Road conditions Integrate firewall, authentication, and detection Fuse information from diverse sources Use semantics of control msg to reason about manipulation Armin Wasicek 13

14 Feature Selection Select parameters capturing engine behavior Engine control measures many useful parameters Speed velocity of vehicle RPM angular velocity of engine Torque turning force We want to detect modifications, like going around the curve slightly faster, having more torque on a slope, etc. 14

15 Intrusion Detection Layer Compares current to reference behavior Trained model reconstructs some features poorly These are considered as outliers Manipulation, if num. of outliers exceeds threshold Armin Wasicek 15

16 Feature Extraction Convert a time series to a feature vector Processing pipeline works on a time slice Use original signal and its differentiation Use statistical moments to expand features Normalize feature vector Armin Wasicek 16

17 Artificial Neural Networks Solve a one-class classification problem Autoencoder Neural Network: Hidden layer generalizes ratio between features Stores the typical behavior of an engine Trained using same vector for input X, output Y Anomaly score is error between input and output Armin Wasicek 17

18 Evaluation Racing car simulation TORCS Car model p406 simulating a Peugeot 406 Increase engine torque by 10 Nm and 30 Nm Let the robot do the driving! Armin Wasicek 18

19 Engine tuning Modification Modify RPM/Torque ratio Recognizing manipulation Bottleneck ANN 8 hidden perceptron ROC curve looks promising Note: This is unsupervised learning! Armin Wasicek 19

20 Experimental Setup Perform analytics, detect presence Power boxing to manipulate engine control Read out data via OBD II Urban/Highway driving cycles Armin Wasicek 20

21 Min/max values Real car data original modified Data points Vehicle speed Engine RPM Fuel rate Fuel/Air commanded equivalence Accelerator pedal position D Calculated load value Absolute throttle position O2 sensor lambda wide range Absolute throttle position B Catalyst temperature Armin Wasicek 21

22 Anomaly score Recognition result ANN w. 16 hidden ANN w. 32 hidden ANN w. 43 hidden Ratio anomaly score of X mod / X val ANN w. 43 hidden ANN w. 32 hidden ANN w. 16 hidden Size of subset (% of dataset) Iterations ANN with 43 hidden nodes has 6-8 times higher anomaly score than validation set. 16 ~ factor 1.5 Armin Wasicek 22

23 Integration options Software Component (SWC) in AUTOSAR terminology Subscribe to relevant data via Virtual Function Bus (VFB) CAID integration options o Standalone: on the CAN bus connecting the Central Gateway (CGW) to the OBD port o Integrated: Part of the CGW Armin Wasicek 23

24 Related Work CAN message statistics [Hoppe et al., 2007] Entropy-based IDS [Muter et al., 2011] Commercial IDS/IPS: Deep Packet Inspection identifies abnormal behavior Context-aware IDS [Wasicek and Weimerskirch, 2015] Armin Wasicek 24

25 Conclusion and Outlook Automotive systems are Cyber-Physical IDS need to recognize cyber and physical attacks Integrate with other security mechanisms Intelligently use the cloud to recognize attacks Faults, ageing, and repair effects are challenging Armin Wasicek 25

26 Thanks for your attention! Contact me: Yelizaveta Burakova

27 Response and Recovery What to do after an intrusion has been detected? Not yet clear Depends on location, current state of vehicle Log threat Disable/inhibit features Service procedure What are means to react on intrusions/misuse? Armin Wasicek 27

28 Automotive IDS Architecture Armin Wasicek 28

Context-aware Intrusion Detection in Automotive Control Systems

Context-aware Intrusion Detection in Automotive Control Systems Context-aware Intrusion Detection in Automotive Control Systems Armin R. Wasicek University of California, Berkeley Yelizaveta Burakova University of Michigan Mert D. Pesé University of Michigan Karan

More information

Automotive Anomaly Monitors and Threat Analysis in the Cloud

Automotive Anomaly Monitors and Threat Analysis in the Cloud Automotive Anomaly Monitors and Threat Analysis in the Cloud Dr. André Weimerskirch Vector Automotive Cyber Security Symposium October 12, 2017 Cybersecurity Components Secure Internal & External Communications

More information

Development of Intrusion Detection System for vehicle CAN bus cyber security

Development of Intrusion Detection System for vehicle CAN bus cyber security Development of Intrusion Detection System for vehicle CAN bus cyber security Anastasia Cornelio, Elisa Bragaglia, Cosimo Senni, Walter Nesci Technology Innovation - SSEC 14 Workshop Automotive SPIN Italia

More information

Cyber security mechanisms for connected vehicles

Cyber security mechanisms for connected vehicles Infineon Security Partner Network Partner Use Case Cyber security mechanisms for connected vehicles Protecting automotive vehicle networks and business models from cyber security attacks Products AURIX

More information

NEXT GENERATION SECURITY OPERATIONS CENTER

NEXT GENERATION SECURITY OPERATIONS CENTER DTS SOLUTION NEXT GENERATION SECURITY OPERATIONS CENTER SOC 2.0 - ENHANCED SECURITY O&M SOC 2.0 - SUCCESS FACTORS SOC 2.0 - FUNCTIONAL COMPONENTS DTS SOLUTION SOC 2.0 - ENHANCED SECURITY O&M SOC 2.0 Protecting

More information

Cybersecurity Challenges for Connected and Automated Vehicles. Robert W. Heller, Ph.D. Program Director R&D, Southwest Research Institute

Cybersecurity Challenges for Connected and Automated Vehicles. Robert W. Heller, Ph.D. Program Director R&D, Southwest Research Institute Cybersecurity Challenges for Connected and Automated Vehicles Robert W. Heller, Ph.D. Program Director R&D, Southwest Research Institute Cars are becoming complex (and CAV is only part of it) 1965: No

More information

Using Threat Analytics to Protect Privileged Access and Prevent Breaches

Using Threat Analytics to Protect Privileged Access and Prevent Breaches Using Threat Analytics to Protect Privileged Access and Prevent Breaches Under Attack Protecting privileged access and preventing breaches remains an urgent concern for companies of all sizes. Attackers

More information

Preventing Cyber Attacks on Aftermarket Connectivity Solutions Zach Blumenstein, BD Director Argus Cyber Security

Preventing Cyber Attacks on Aftermarket Connectivity Solutions Zach Blumenstein, BD Director Argus Cyber Security Preventing Cyber Attacks on Aftermarket Connectivity Solutions Zach Blumenstein, BD Director Argus Cyber Security In less than a year, 100s of millions connected cars Aftermarket connectivity most prevalent

More information

Security Information & Event Management (SIEM)

Security Information & Event Management (SIEM) Security Information & Event Management (SIEM) Datasheet SIEM in a nutshell The variety of cyber-attacks is extraordinarily large. Phishing, DDoS attacks in combination with ransomware demanding bitcoins

More information

Data Sources for Cyber Security Research

Data Sources for Cyber Security Research Data Sources for Cyber Security Research Melissa Turcotte mturcotte@lanl.gov Advanced Research in Cyber Systems, Los Alamos National Laboratory 14 June 2018 Background Advanced Research in Cyber Systems,

More information

Countermeasures against Cyber-attacks

Countermeasures against Cyber-attacks Countermeasures against Cyber-attacks Case of the Automotive Industry Agenda Automotive Basics ECU, domains, CAN Automotive Security Motivation, trends Hardware and Software Security EVITA, SHE, HSM Secure

More information

Experimental Security Analysis of a Modern Automobile

Experimental Security Analysis of a Modern Automobile Experimental Security Analysis of a Modern Automobile Matthias Lange TU Berlin June 29th, 2010 Matthias Lange (TU Berlin) Experimental Security Analysis of a Modern Automobile June 29th, 2010 1 / 16 Paper

More information

ARC VIEW. Critical Industries Need Continuous ICS Security Monitoring. Keywords. Summary. By Sid Snitkin

ARC VIEW. Critical Industries Need Continuous ICS Security Monitoring. Keywords. Summary. By Sid Snitkin ARC VIEW FEBRUARY 1, 2018 Critical Industries Need Continuous ICS Security Monitoring By Sid Snitkin Keywords Anomaly and Breach Detection, Continuous ICS Security Monitoring, Nozomi Networks Summary Most

More information

align security instill confidence

align security instill confidence align security instill confidence cyber security Securing data has become a top priority across all industries. High-profile data breaches and the proliferation of advanced persistent threats have changed

More information

IC32E - Pre-Instructional Survey

IC32E - Pre-Instructional Survey Name: Date: 1. What is the primary function of a firewall? a. Block all internet traffic b. Detect network intrusions c. Filter network traffic d. Authenticate users 2. A system that monitors traffic into

More information

PENETRATION TESTING OF AUTOMOTIVE DEVICES. Dr. Ákos Csilling Robert Bosch Kft., Budapest HUSTEF 15/11/2017

PENETRATION TESTING OF AUTOMOTIVE DEVICES. Dr. Ákos Csilling Robert Bosch Kft., Budapest HUSTEF 15/11/2017 PENETRATION TESTING OF AUTOMOTIVE DEVICES Dr. Ákos Csilling Robert Bosch Kft., Budapest HUSTEF 15/11/2017 Imagine your dream car 2 Image: 2017 ESCRYPT. Exemplary attack demonstration only. This is NOT

More information

K12 Cybersecurity Roadmap

K12 Cybersecurity Roadmap K12 Cybersecurity Roadmap Introduction Jason Brown, CISSP Chief Information Security Officer Merit Network, Inc jbrown@merit.edu @jasonbrown17 https://linkedin.com/in/jasonbrown17 2 Agenda 3 Why Use the

More information

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION BREACH & ATTACK SIMULATION THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION Cymulate s cyber simulation platform allows you to test your security assumptions, identify possible security gaps and receive

More information

The Oracle Trust Fabric Securing the Cloud Journey

The Oracle Trust Fabric Securing the Cloud Journey The Oracle Trust Fabric Securing the Cloud Journey Eric Olden Senior Vice President and General Manager Cloud Security and Identity 05.07.2018 Safe Harbor Statement The following is intended to outline

More information

CISCO EXAM QUESTIONS & ANSWERS

CISCO EXAM QUESTIONS & ANSWERS CISCO 650-377 EXAM QUESTIONS & ANSWERS Number: 650-377 Passing Score: 800 Time Limit: 120 min File Version: 45.5 http://www.gratisexam.com/ CISCO 650-377 EXAM QUESTIONS & ANSWERS Exam Name: ABNAME Advanced

More information

Securing the future of mobility

Securing the future of mobility Kaspersky Transportation System Security AVL Software and Functions Securing the future of mobility www.kaspersky.com #truecybersecurity Securing the future of mobility Connected car benefits The need

More information

PULLING OUR SOCS UP VODAFONE GROUP AT RSAC Emma Smith. Andy Talbot. Group Technology Security Director Vodafone Group Plc

PULLING OUR SOCS UP VODAFONE GROUP AT RSAC Emma Smith. Andy Talbot. Group Technology Security Director Vodafone Group Plc #RSAC SESSION ID: AIR-R04 PULLING OUR SOCS UP VODAFONE GROUP AT RSAC 2018 Emma Smith Group Technology Security Director Vodafone Group Plc Andy Talbot Global Head of Cyber Defence Vodafone Group Plc Pulling

More information

Distributed Anomaly Detection using Autoencoder Neural Networks in WSN for IoT

Distributed Anomaly Detection using Autoencoder Neural Networks in WSN for IoT Distributed Anomaly Detection using Autoencoder Neural Networks in WSN for IoT Tony T. Luo, Institute for Infocomm Research, A*STAR, Singapore - https://tonylt.github.io Sai G. Nagarajan, Singapore University

More information

Heavy Vehicle Cyber Security Bulletin

Heavy Vehicle Cyber Security Bulletin Heavy Vehicle Cyber Security Update National Motor Freight Traffic Association, Inc. 1001 North Fairfax Street, Suite 600 Alexandria, VA 22314 (703) 838-1810 Heavy Vehicle Cyber Security Bulletin Bulletin

More information

Sicherheitsaspekte für Flashing Over The Air in Fahrzeugen. Axel Freiwald 1/2017

Sicherheitsaspekte für Flashing Over The Air in Fahrzeugen. Axel Freiwald 1/2017 Sicherheitsaspekte für Flashing Over The Air in Fahrzeugen Axel Freiwald 1/2017 All OEMs Will Implement Software OTA As Soon As Possible IHS Study Motivation: Save on recalls caused by software bugs Evolution

More information

Automotive Cybersecurity: Why is it so Difficult? Steven W. Dellenback, Ph.D. Vice President R&D Intelligent Systems Division

Automotive Cybersecurity: Why is it so Difficult? Steven W. Dellenback, Ph.D. Vice President R&D Intelligent Systems Division Automotive Cybersecurity: Why is it so Difficult? Steven W. Dellenback, Ph.D. Vice President R&D Intelligent Systems Division Cybersecurity is not one Entry Point Four Major Aspects of Cybersecurity How

More information

Presenter Jakob Drescher. Industry. Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks.

Presenter Jakob Drescher. Industry. Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks. Presenter Jakob Drescher Industry Cyber Security 1 Cyber Security? Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks. Malware or network traffic

More information

Future and Emerging Threats in ICT

Future and Emerging Threats in ICT Future and Emerging Threats in ICT www.ict-forward.eu Edita Djambazova Institute for Parallel Processing Bulgarian Academy of Sciences 1 Description ICT-FORWARD is a Coordination Action that aims at promoting

More information

Resilient Smart Grids

Resilient Smart Grids Resilient Smart Grids André Teixeira Kaveh Paridari, Henrik Sandberg KTH Royal Institute of Technology, Sweden SPARKS 2nd Stakeholder Workshop Cork, Ireland March 25th, 2015 Legacy Distribution Grids Main

More information

Analytics Driven, Simple, Accurate and Actionable Cyber Security Solution CYBER ANALYTICS

Analytics Driven, Simple, Accurate and Actionable Cyber Security Solution CYBER ANALYTICS Analytics Driven, Simple, Accurate and Actionable Cyber Security Solution CYBER ANALYTICS Overview Cyberattacks are increasingly getting more frequent, more sophisticated and more widespread than ever

More information

Future Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group

Future Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group Future Challenges and Changes in Industrial Cybersecurity Sid Snitkin VP Cybersecurity Services ARC Advisory Group Srsnitkin@ARCweb.com Agenda Industrial Cybersecurity Today Scope, Assumptions and Strategies

More information

Notes U695. (1) Vehicle power supply must meet the normal operating voltage, such as

Notes U695. (1) Vehicle power supply must meet the normal operating voltage, such as STATEMENT (1) This manual is designed for the U695 product, any company or individual are not permit to replicate and backup it in any form if they don't have the authority license from UIFTECH CO., LTD

More information

NetDefend Firewall UTM Services

NetDefend Firewall UTM Services NetDefend Firewall UTM Services Unified Threat Management D-Link NetDefend UTM firewalls (DFL-260/860/1660/2560/2560G) integrate an Intrusion Prevention System (IPS), gateway AntiVirus (AV), and Web Content

More information

MASP Chapter on Safety and Security

MASP Chapter on Safety and Security MASP Chapter on Safety and Security Daniel Watzenig Graz, Austria https://artemis.eu MASP Chapter on Safety & Security Daniel Watzenig daniel.watzenig@v2c2.at Francois Tuot francois.tuot@gemalto.com Antonio

More information

Trusted Platform Modules Automotive applications and differentiation from HSM

Trusted Platform Modules Automotive applications and differentiation from HSM Trusted Platform Modules Automotive applications and differentiation from HSM Cyber Security Symposium 2017, Stuttgart Martin Brunner, Infineon Technologies Axiom: Whatever is connected can (and will)

More information

Green Lights Forever: Analyzing the Security of Traffic Infrastructure

Green Lights Forever: Analyzing the Security of Traffic Infrastructure Green Lights Forever: Analyzing the Security of Traffic Infrastructure RAJSHAKHAR PAUL Outline Introduction Anatomy of a Traffic Infrastructure Case Study Threat Model Types of Attack Recommendation Broader

More information

An Experimental Analysis of the SAE J1939 Standard

An Experimental Analysis of the SAE J1939 Standard Truck Hacking: An Experimental Analysis of the SAE J1939 Standard 10th USENIX Workshop On Offensive Technologies (WOOT 16) Liza Burakova, Bill Hass, Leif Millar & Andre Weimerskirch Are trucks more secure

More information

LTI Security Services. Intelligent & integrated Approach to Cyber & Digital Security

LTI Security Services. Intelligent & integrated Approach to Cyber & Digital Security LTI Security Intelligent & integrated Approach to Cyber & Digital Security Overview As businesses are expanding globally into new territories, propelled and steered by digital disruption and technological

More information

Cyber Security and Vehicle Diagnostics. Mark Zachos DG Technologies

Cyber Security and Vehicle Diagnostics. Mark Zachos DG Technologies Cyber Security and Vehicle Diagnostics Mark Zachos DG Technologies SAE INTERNATIONAL SAE J3061 Cybersecurity Guidebook for Cyber-Physical Automotive Systems Published January 2016; drive to a risk-based,

More information

CYSE 411/AIT 681 Secure Software Engineering. Topic #6. Seven Software Security Touchpoints (III) Instructor: Dr. Kun Sun

CYSE 411/AIT 681 Secure Software Engineering. Topic #6. Seven Software Security Touchpoints (III) Instructor: Dr. Kun Sun CYSE 411/AIT 681 Secure Software Engineering Topic #6. Seven Software Security Touchpoints (III) Instructor: Dr. Kun Sun Reading This lecture [McGraw]: Ch. 7-9 2 Seven Touchpoints 1. Code review 2. Architectural

More information

4. Risk-Based Security Testing. Reading. CYSE 411/AIT 681 Secure Software Engineering. Seven Touchpoints. Application of Touchpoints

4. Risk-Based Security Testing. Reading. CYSE 411/AIT 681 Secure Software Engineering. Seven Touchpoints. Application of Touchpoints Reading This lecture [McGraw]: Ch. 7-9 CYSE 411/AIT 681 Secure Software Engineering Topic #6. Seven Software Security Touchpoints (III) Instructor: Dr. Kun Sun 2 Seven Touchpoints Application of Touchpoints

More information

Detect Cyber Threats with Securonix Proxy Traffic Analyzer

Detect Cyber Threats with Securonix Proxy Traffic Analyzer Detect Cyber Threats with Securonix Proxy Traffic Analyzer Introduction Many organizations encounter an extremely high volume of proxy data on a daily basis. The volume of proxy data can range from 100

More information

Discover threats quickly, remediate immediately, and mitigate the impact of malware and breaches

Discover threats quickly, remediate immediately, and mitigate the impact of malware and breaches Discover threats quickly, remediate immediately, and mitigate the impact of malware and breaches Introduction No matter how hard you work to educate your employees about the constant and evolving threats

More information

Internet infrastructure

Internet infrastructure Internet infrastructure Prof. dr. ir. André Mariën (c) A. Mariën 04/03/2014 1 Topic Vulnerability and patch management (c) A. Mariën 04/03/2014 2 Requirements Security principle: Everything can and will

More information

Emerging Threat Intelligence using IDS/IPS. Chris Arman Kiloyan

Emerging Threat Intelligence using IDS/IPS. Chris Arman Kiloyan Emerging Threat Intelligence using IDS/IPS Chris Arman Kiloyan Who Am I? Chris AUA Graduate (CS) Thesis : Cyber Deception Automation and Threat Intelligence Evaluation Using IDS Integration with Next-Gen

More information

McAfee Network Security Platform Administration Course

McAfee Network Security Platform Administration Course McAfee Network Security Platform Administration Course Education Services administration course The McAfee Network Security Platform Administration course from McAfee Education Services is an essential

More information

White Paper. Why IDS Can t Adequately Protect Your IoT Devices

White Paper. Why IDS Can t Adequately Protect Your IoT Devices White Paper Why IDS Can t Adequately Protect Your IoT Devices Introduction As a key component in information technology security, Intrusion Detection Systems (IDS) monitor networks for suspicious activity

More information

ISC2 EXAM - CISSP. Certified Information Systems Security Professional. Buy Full Product.

ISC2 EXAM - CISSP. Certified Information Systems Security Professional. Buy Full Product. ISC2 EXAM - CISSP Certified Information Systems Security Professional Buy Full Product http://www.examskey.com/cissp.html Examskey ISC2 CISSP exam demo product is here for you to test the quality of the

More information

UNECE WP29/TFCS Regulation standards on threats analysis (cybersecurity) and OTA (software update)

UNECE WP29/TFCS Regulation standards on threats analysis (cybersecurity) and OTA (software update) UNECE WP29/TFCS Regulation standards on threats analysis (cybersecurity) and OTA (software update) Koji NAKAO, NICT, Japan (Expert of UNECE WP29/TFCS) General Flow of works in WP29/TFCS and OTA Data protection

More information

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors Protecting Against Modern Attacks Protection Against Modern Attack Vectors CYBER SECURITY IS A CEO ISSUE. - M C K I N S E Y $4.0M 81% >300K 87% is the average cost of a data breach per incident. of breaches

More information

CONTROLLER AREA NETWORK (CAN) DEEP PACKET INSPECTION. Görkem Batmaz, Systems Engineer Ildikó Pete, Systems Engineer 28 th March, 2018

CONTROLLER AREA NETWORK (CAN) DEEP PACKET INSPECTION. Görkem Batmaz, Systems Engineer Ildikó Pete, Systems Engineer 28 th March, 2018 CONTROLLER AREA NETWORK (CAN) DEEP PACKET INSPECTION Görkem Batmaz, Systems Engineer Ildikó Pete, Systems Engineer 28 th March, 2018 Car Hacking Immediately my accelerator stopped working. As I frantically

More information

The Gartner Security Information and Event Management Magic Quadrant 2010: Dealing with Targeted Attacks

The Gartner Security Information and Event Management Magic Quadrant 2010: Dealing with Targeted Attacks The Gartner Security Information and Event Management Magic Quadrant 2010: Dealing with Targeted Attacks Mark Nicolett Notes accompany this presentation. Please select Notes Page view. These materials

More information

Secure Ethernet Communication for Autonomous Driving. Jared Combs June 2016

Secure Ethernet Communication for Autonomous Driving. Jared Combs June 2016 Secure Ethernet Communication for Autonomous Driving Jared Combs June 2016 Agenda Motivation for Security The Multi-Level Security Architecture Proposal Level 1: Restrict access to the network Level 2:

More information

An AI-Assisted Cyber Attack Detection Framework for Software Defined Mobile Networks

An AI-Assisted Cyber Attack Detection Framework for Software Defined Mobile Networks An AI-Assisted Cyber Attack Detection Framework for Software Defined Mobile Networks G. Catania 1, L. Ganga 1, S. Milardo 2, G. Morabito 3, A. Mursia 1 1 Land & Naval Defence Electronics Division - Leonardo

More information

Communication Pattern Anomaly Detection in Process Control Systems

Communication Pattern Anomaly Detection in Process Control Systems Communication Pattern Anomaly Detection in Process Control Systems Sponsored by the Department of Energy National SCADA Test Bed Program Managed by the National Energy Technology Laboratory The views herein

More information

Riccardo Mariani, Intel Fellow, IOTG SEG, Chief Functional Safety Technologist

Riccardo Mariani, Intel Fellow, IOTG SEG, Chief Functional Safety Technologist Riccardo Mariani, Intel Fellow, IOTG SEG, Chief Functional Safety Technologist Internet of Things Group 2 Internet of Things Group 3 Autonomous systems: computing platform Intelligent eyes Vision. Intelligent

More information

Designing and Building a Cybersecurity Program

Designing and Building a Cybersecurity Program Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework (CSF) Larry Wilson lwilson@umassp.edu ISACA Breakfast Meeting January, 2016 Designing & Building a Cybersecurity

More information

The Top 6 WAF Essentials to Achieve Application Security Efficacy

The Top 6 WAF Essentials to Achieve Application Security Efficacy The Top 6 WAF Essentials to Achieve Application Security Efficacy Introduction One of the biggest challenges IT and security leaders face today is reducing business risk while ensuring ease of use and

More information

Defense in Depth Security in the Enterprise

Defense in Depth Security in the Enterprise Defense in Depth Security in the Enterprise Mike Mulville SAIC Cyber Chief Technology Officer MulvilleM@saic.com Agenda The enterprise challenge - threat; vectors; and risk Traditional data protection

More information

Scalable and Flexible Software Platforms for High-Performance ECUs. Christoph Dietachmayr Sr. Engineering Manager, Elektrobit November 8, 2018

Scalable and Flexible Software Platforms for High-Performance ECUs. Christoph Dietachmayr Sr. Engineering Manager, Elektrobit November 8, 2018 Scalable and Flexible Software Platforms for High-Performance ECUs Christoph Dietachmayr Sr. Engineering Manager, November 8, Agenda A New E/E Architectures and High-Performance ECUs B Non-Functional Aspects:

More information

HOLY ANGEL UNIVERSITY COLLEGE OF INFORMATION AND COMMUNICATIONS TECHNOLOGY CYBER SECURITY COURSE SYLLABUS

HOLY ANGEL UNIVERSITY COLLEGE OF INFORMATION AND COMMUNICATIONS TECHNOLOGY CYBER SECURITY COURSE SYLLABUS HOLY ANGEL UNIVERSITY LLEGE OF INFORMATION AND MMUNICATIONS TECHNOLOGY CYBER SECURITY URSE SYLLABUS Course Code : 6CSEC Prerequisite : 6MPRO2L Course Credit : 3 Units (2 hours LEC,3 hours LAB) Year Level:

More information

How to Create, Deploy, & Operate Secure IoT Applications

How to Create, Deploy, & Operate Secure IoT Applications How to Create, Deploy, & Operate Secure IoT Applications TELIT WHITEPAPER INTRODUCTION As IoT deployments accelerate, an area of growing concern is security. The likelihood of billions of additional connections

More information

iobd2 MFi BT VAG Adapter User Manual

iobd2 MFi BT VAG Adapter User Manual iobd2 MFi BT VAG Adapter User Manual VW, AUDI, SKODA, SEAT Preface Thank you for using this product. Please read instructions carefully before operating this unit. This manual guides the users how to operate

More information

STATEMENT. (2) PS701 is just offered for the professional and technical personnel of vehicle maintenance

STATEMENT. (2) PS701 is just offered for the professional and technical personnel of vehicle maintenance STATEMENT (1) This manual is designed for the PS701 product, any company or individual are not permit to replicate and backup it in any form if they don't have the authority license from XTOOLTECH CO.,

More information

Intelligent Cybersecurity for the Real World Scott Lovett Vice President, Global Security Sales

Intelligent Cybersecurity for the Real World Scott Lovett Vice President, Global Security Sales Intelligent Cybersecurity for the Real World Scott Lovett Vice President, Global Security Sales The Industrialization of Hacking Sophisticated Attacks, Complex Landscape Hacking Becomes an Industry Phishing,

More information

Beyond Firewalls: The Future Of Network Security

Beyond Firewalls: The Future Of Network Security Beyond Firewalls: The Future Of Network Security XChange University: IT Security Jennifer Blatnik 20 August 2016 Security Trends Today Network security landscape has expanded CISOs Treading Water Pouring

More information

RSA Advanced Security Operations Richard Nichols, Director EMEA. Copyright 2015 EMC Corporation. All rights reserved. 1

RSA Advanced Security Operations Richard Nichols, Director EMEA. Copyright 2015 EMC Corporation. All rights reserved. 1 RSA Advanced Security Operations Richard Nichols, Director EMEA 1 What is the problem we need to solve? 2 Attackers Are Outpacing Defenders..and the Gap is Widening Attacker Capabilities The defender-detection

More information

Honey, I Hacked the SCADA! :Industrial CONTROLLED Systems!

Honey, I Hacked the SCADA! :Industrial CONTROLLED Systems! Honey, I Hacked the SCADA! :Industrial CONTROLLED Systems! Jon L. Korecki Executive Director Cyber Security and Information Assurance ViaSat Inc. - Carlsbad, CA jon.korecki@viasat.com Agenda History of

More information

WHY SIEMS WITH ADVANCED NETWORK- TRAFFIC ANALYTICS IS A POWERFUL COMBINATION. A Novetta Cyber Analytics Brief

WHY SIEMS WITH ADVANCED NETWORK- TRAFFIC ANALYTICS IS A POWERFUL COMBINATION. A Novetta Cyber Analytics Brief WHY SIEMS WITH ADVANCED NETWORK- TRAFFIC ANALYTICS IS A POWERFUL COMBINATION A Novetta Cyber Analytics Brief Why SIEMs with advanced network-traffic analytics is a powerful combination. INTRODUCTION Novetta

More information

How will cyber risk management affect tomorrow's business?

How will cyber risk management affect tomorrow's business? How will cyber risk management affect tomorrow's business? The "integrated" path towards continuous improvement of information security Cyber Risk as a Balance Sheet Risk exposing Board and C-Levels 2018

More information

Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018

Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018 Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security BRANDEIS UNIVERSITY PROFESSOR ERICH SCHUMANN MAY 2018 1 Chinese military strategist Sun Tzu: Benchmark If you know your

More information

Building a Resilient Security Posture for Effective Breach Prevention

Building a Resilient Security Posture for Effective Breach Prevention SESSION ID: GPS-F03B Building a Resilient Security Posture for Effective Breach Prevention Avinash Prasad Head Managed Security Services, Tata Communications Agenda for discussion 1. Security Posture 2.

More information

June 2 nd, 2016 Security Awareness

June 2 nd, 2016 Security Awareness June 2 nd, 2016 Security Awareness Security is the degree of resistance to, or protection from, harm. if security breaks down, technology breaks down Protecting People, Property and Business Assets Goal

More information

Cybersecurity Roadmap: Global Healthcare Security Architecture

Cybersecurity Roadmap: Global Healthcare Security Architecture SESSION ID: TECH-W02F Cybersecurity Roadmap: Global Healthcare Security Architecture Nick H. Yoo Chief Security Architect Disclosure No affiliation to any vendor products No vendor endorsements Products

More information

FP7 NEMESYS Project: Advances on Mobile Network Security

FP7 NEMESYS Project: Advances on Mobile Network Security Enhanced Network Security for Seamless Service Provisioning in the Smart Mobile Ecosystem FP7 NEMESYS Project: Advances on Mobile Network Security Elina Theodoropoulou R&D Projects Section Manager etheodorop@cosmote.gr

More information

WHAT CIOs NEED TO KNOW TO CAPITALIZE ON HYBRID CLOUD

WHAT CIOs NEED TO KNOW TO CAPITALIZE ON HYBRID CLOUD WHAT CIOs NEED TO KNOW TO CAPITALIZE ON HYBRID CLOUD 2 A CONVERSATION WITH DAVID GOULDEN Hybrid clouds are rapidly coming of age as the platforms for managing the extended computing environments of innovative

More information

Mission Aware Cybersecurity

Mission Aware Cybersecurity Mission Aware Cybersecurity Cody Fleming (UVA) Scott Lucero (OSD) Peter Beling, Barry Horowitz (UVA), Calk Elks (VCU) October 2016 1 Systems Engineering Research Center (SERC) Overview DoD and the Intelligence

More information

ADVANCED THREAT PREVENTION FOR ENDPOINT DEVICES 5 th GENERATION OF CYBER SECURITY

ADVANCED THREAT PREVENTION FOR ENDPOINT DEVICES 5 th GENERATION OF CYBER SECURITY ADVANCED THREAT PREVENTION FOR ENDPOINT DEVICES 5 th GENERATION OF CYBER SECURITY OUTLINE Advanced Threat Landscape (genv) Why is endpoint protection essential? Types of attacks and how to prevent them

More information

Does someone else own your company s reputation? EY Global Information Security Survey 2018

Does someone else own your company s reputation? EY Global Information Security Survey 2018 Does someone else own your company s reputation? EY Global Information Security Survey 2018 Perspectives for technology, media and entertainment, and telco companies Risking cyber reputations Are TMT companies

More information

Automotive Networks Are New Busses and Gateways the Answer or Just Another Challenge? ESWEEK Panel Oct. 3, 2007

Automotive Networks Are New Busses and Gateways the Answer or Just Another Challenge? ESWEEK Panel Oct. 3, 2007 Automotive Networks Are New Busses and Gateways the Answer or Just Another Challenge? ESWEEK Panel Oct. 3, 2007 Automotive Networks complex networks hundreds of functions 50+ ECUs (Electronic Control Unit)

More information

Intrusion Detection Systems Overview

Intrusion Detection Systems Overview Intrusion Detection Systems Overview Chris Figueroa East Carolina University figueroac13@ecu.edu Abstract Modern intrusion detection systems provide a first line of defense against attackers for organizations.

More information

External Supplier Control Obligations. Cyber Security

External Supplier Control Obligations. Cyber Security External Supplier Control Obligations Cyber Security Control Title Control Description Why this is important 1. Cyber Security Governance The Supplier must have cyber risk governance processes in place

More information

Acalvio Deception and the NIST Cybersecurity Framework 1.1

Acalvio Deception and the NIST Cybersecurity Framework 1.1 Acalvio Deception and the NIST Cybersecurity Framework 1.1 June 2018 The Framework enables organizations regardless of size, degree of cybersecurity risk, or cybersecurity sophistication to apply the principles

More information

RSA INCIDENT RESPONSE SERVICES

RSA INCIDENT RESPONSE SERVICES RSA INCIDENT RESPONSE SERVICES Enabling early detection and rapid response EXECUTIVE SUMMARY Technical forensic analysis services RSA Incident Response services are for organizations that need rapid access

More information

CompTIA Exam CAS-002 CompTIA Advanced Security Practitioner (CASP) Version: 6.0 [ Total Questions: 532 ]

CompTIA Exam CAS-002 CompTIA Advanced Security Practitioner (CASP) Version: 6.0 [ Total Questions: 532 ] s@lm@n CompTIA Exam CAS-002 CompTIA Advanced Security Practitioner (CASP) Version: 6.0 [ Total Questions: 532 ] Topic break down Topic No. of Questions Topic 1: Volume A 117 Topic 2: Volume B 122 Topic

More information

Technology Roadmap for Managed IT and Security. Michael Kirby II, Scott Yoshimura 04/12/2017

Technology Roadmap for Managed IT and Security. Michael Kirby II, Scott Yoshimura 04/12/2017 Technology Roadmap for Managed IT and Security Michael Kirby II, Scott Yoshimura 04/12/2017 Agenda Managed IT Roadmap Operational Risk and Compliance Cybersecurity Managed Security Services 2 Managed IT

More information

Internet of Things Toolkit for Small and Medium Businesses

Internet of Things Toolkit for Small and Medium Businesses Your Guide #IoTatWork to IoT Security #IoTatWork Internet of Things Toolkit for Small and Medium Businesses Table of Contents Introduction 1 The Internet of Things (IoT) 2 Presence of IoT in Business Sectors

More information

ecuexplorer User Guide

ecuexplorer User Guide Installation...2 Getting Started...3 User Interface...3 Menu Structure...3 Initial Configuration...4 Hotkeys...4 Navigation Tree...5 User-Defined Data Items...5 Known Trouble Codes...6 Saved Log Files...7

More information

Automotive Security: Challenges and Solutions

Automotive Security: Challenges and Solutions Automotive Security: Challenges and Solutions 8 th Vector Congress 30 th November 2016 V2.01.00 2016-11-22 Agenda Introduction Services Embedded Security Mechanisms Tools Summary 2 Introduction Vehicle

More information

Think Oslo 2018 Where Technology Meets Humanity. Oslo. Felicity March Cyber Resilience - Europe

Think Oslo 2018 Where Technology Meets Humanity. Oslo. Felicity March Cyber Resilience - Europe Think Oslo 2018 Where Technology Meets Humanity Oslo Felicity March Cyber Resilience - Europe Cyber Resilience Cyber Resilience is the ability of an organisation to maintain its core purpose and integrity

More information

Transforming Utility Grid Operations with the Internet of Things

Transforming Utility Grid Operations with the Internet of Things Solution Brief Internet of Things Energy Industry Transforming Utility Grid Operations with the Internet of Things Access key process data in real time to increase situational awareness of grid operations.

More information

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW: SOLUTION OVERVIEW: ALERT LOGIC THREAT MANAGER WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE Protecting your business assets and sensitive data requires regular vulnerability assessment,

More information

10 th AUTOSAR Open Conference

10 th AUTOSAR Open Conference 10 th AUTOSAR Open Conference Dr. Moritz Neukirchner Elektrobit Automotive GmbH Building Performance ECUs with Adaptive AUTOSAR AUTOSAR Nov-2017 Major market trends and their impact Trends Impact on E/E

More information

Prescriptive Security Operations Centers. Leveraging big data capabilities to build next generation SOC

Prescriptive Security Operations Centers. Leveraging big data capabilities to build next generation SOC Prescriptive Security Operations Centers Leveraging big data capabilities to build next generation SOC Cyber Security Industry in constant renewal in 2016 and 2017 1 Tbps Mirai IoT Botnet broke the Internet

More information

OTA and Remote Diagnostics

OTA and Remote Diagnostics OTA and Remote Diagnostics Vector ongress 26, Stuttgart, 26--29 V. 26--29 onnectivity offers greater Benefit to the automotive industry At a glance onnectivity offers greater benefit to the Automotive

More information

PT Unified Application Security Enforcement. ptsecurity.com

PT Unified Application Security Enforcement. ptsecurity.com PT Unified Application Security Enforcement ptsecurity.com Positive Technologies: Ongoing research for the best solutions Penetration Testing ICS/SCADA Security Assessment Over 700 employees globally Over

More information

User Guide. Subaru Turbo (North American Models)

User Guide. Subaru Turbo (North American Models) User Guide Subaru Turbo (North American Models) Page 2 Table of Contents Product Introduction 4 Supported Vehicle List 4 In-Box Contents 5 What Is A Map? 7 AccessPORT Installation 8 Pre-Installation 8

More information

Technology Roadmap for Managed IT and Security. Michael Kirby II, Scott Yoshimura 05/24/2017

Technology Roadmap for Managed IT and Security. Michael Kirby II, Scott Yoshimura 05/24/2017 Technology Roadmap for Managed IT and Security Michael Kirby II, Scott Yoshimura 05/24/2017 Agenda Managed IT Roadmap Operational Risk and Compliance Cybersecurity Managed Security Services 2 Managed IT

More information

Guide to Network Defense and Countermeasures Second Edition. Chapter 2 Security Policy Design: Risk Analysis

Guide to Network Defense and Countermeasures Second Edition. Chapter 2 Security Policy Design: Risk Analysis Guide to Network Defense and Countermeasures Second Edition Chapter 2 Security Policy Design: Risk Analysis Objectives Explain the fundamental concepts of risk analysis Describe different approaches to

More information