PENETRATION TESTING OF AUTOMOTIVE DEVICES. Dr. Ákos Csilling Robert Bosch Kft., Budapest HUSTEF 15/11/2017

Similar documents
Automotive Anomaly Monitors and Threat Analysis in the Cloud

Trusted Platform Modules Automotive applications and differentiation from HSM

Sicherheitsaspekte für Flashing Over The Air in Fahrzeugen. Axel Freiwald 1/2017

Automotive Cyber Security

Secure Product Design Lifecycle for Connected Vehicles

Automotive Security Standardization activities and attacking trend

Offense & Defense in IoT World. Samuel Lv Keen Security Lab, Tencent

How Security Mechanisms Can Protect Cars Against Hackers. Christoph Dietachmayr, CIS Solution Manager EB USA Techday, Dec.

Conquering Complexity: Addressing Security Challenges of the Connected Vehicle

Diagnostic Trends 2017 An Overview

The modern car has 100 million lines of code and over half of new vehicles will be connected by 2020.

13W-AutoSPIN Automotive Cybersecurity

UNECE WP29/TFCS Regulation standards on threats analysis (cybersecurity) and OTA (software update)

Countermeasures against Cyber-attacks

Securing the future of mobility

SGS CYBER SECURITY GROWTH OPPORTUNITIES

Risk-based design for automotive networks. Eric Evenchik, Linklayer labs & Motivum.io Stefano Zanero, Politecnico di Milano & Motivum.

Preventing Cyber Attacks on Aftermarket Connectivity Solutions Zach Blumenstein, BD Director Argus Cyber Security

Open Source in Automotive Infotainment

The case for a Vehicle Gateway.

Cybersecurity Challenges for Connected and Automated Vehicles. Robert W. Heller, Ph.D. Program Director R&D, Southwest Research Institute

Security Concerns in Automotive Systems. James Martin

Achieving End-to-End Security in the Internet of Things (IoT)

SECURIFY: A COMPOSITIONAL APPROACH OF BUILDING SECURITY VERIFIED SYSTEM

Examining future priorities for cyber security management

Automotive Cybersecurity: A steep learning curve

Security of Embedded Hardware Systems Insight into Attacks and Protection of IoT Devices

Scalable and Flexible Software Platforms for High-Performance ECUs. Christoph Dietachmayr Sr. Engineering Manager, Elektrobit November 8, 2018

Secure Ethernet Communication for Autonomous Driving. Jared Combs June 2016

Automotive Security: Challenges and Solutions

Protect Your Endpoint, Keep Your Business Safe. White Paper. Exosphere, Inc. getexosphere.com

THE NEW LANDSCAPE OF AIRBORNE CYBERATTACKS

Stepping Stone to Car Hacking

Embedded Automotive Systems Security:

Presentation's title

10 th AUTOSAR Open Conference

SIMPLIFYING THE CAR. Helix chassis. Helix chassis. Helix chassis WIND RIVER HELIX CHASSIS WIND RIVER HELIX DRIVE WIND RIVER HELIX CARSYNC

June 2 nd, 2016 Security Awareness

NC1701 ENHANCED VEHICLE COMMUNICATIONS CONTROLLER

MASP Chapter on Safety and Security

Medical Device Safety in a Connected World

10 th AUTOSAR Open Conference

Hardening Attack Vectors to cars by Fuzzing

The Key Principles of Cyber Security for Connected and Automated Vehicles. Government

CYBER SECURITY AND MITIGATING RISKS

Cyber security of automated vehicles

Maximum Security with Minimum Impact : Going Beyond Next Gen

CYBER SECURITY AIR TRANSPORT IT SUMMIT

Car Hacking for Ethical Hackers

Expanding Cyber Security Management for Critical Infrastructure

Securing Your Most Sensitive Data

CSI: VIDEO SURVEILLANCE CONVERTING THE JUGGERNAUT

Car2Car Forum Operational Security

SECURITY OF VEHICLE TELEMATICS SYSTEMS. Daniel Xiapu Luo Department of Computing The Hong Kong Polytechnic University

Agenda. About TRL. What is the issue? Security Analysis. Consequences of a Cyber attack. Concluding remarks. Page 2

CompTIA Security+ Study Guide (SY0-501)

Designated Cyber Security Protection Solution for Medical Devices

Authentication with Privacy for Connected Cars - A research perspective -

Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

TRESCCA Trustworthy Embedded Systems for Secure Cloud Computing

CANSPY A Platform for Auditing CAN Devices

Internet of Things Toolkit for Small and Medium Businesses

Enabling Smart Lighting for Smart Cities. How Cheen Ng 18 August 2017

Cyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person)

Automotive OTA The potential and the challenge

Addressing Future Challenges in the Development of Safe and Secure Software Components The MathWorks, Inc. 1

Network Security. Multi-Layer Approach to Security. Protection, Detection, and Remediation. Clay Ostlund Business Development Manager

Christopher Covert. Principal Product Manager Enterprise Solutions Group. Copyright 2016 Symantec Endpoint Protection Cloud

Automotive Attack Surfaces. UCSD and University of Washington

M2M / IoT Security. Eurotech`s Everyware IoT Security Elements Overview. Robert Andres

Automotive Gateway: A Key Component to Securing the Connected Car

Development of Intrusion Detection System for vehicle CAN bus cyber security

Autonomous Driving needs Safety & Security. Embedded World 2018 Dr. Ciwan Gouma

IoT and Smart Infrastructure efforts in ENISA

Functional Safety and Cyber-Security Experiences and Trends

Cyber Security and Data Protection: Huge Penalties, Nowhere to Hide

CSIRT in general CSIRT Service Categories Reactive Services Proactive services Security Quality Management Services CSIRT. Brmlab, hackerspace Prague

Automotive Security: Challenges, Standards and Solutions. Alexander Much 12 October 2017

Cyber Security in Smart Commercial Buildings 2017 to 2021

Automotive Cybersecurity: Why is it so Difficult? Steven W. Dellenback, Ph.D. Vice President R&D Intelligent Systems Division

Synchronized Security

Identity-Based Cyber Defense. March 2017

DHG presenter. August 17, Addressing the Evolving Cybersecurity Landscape. DHG Birmingham CPE Seminar 1

VEHICLE FORENSICS. Infotainment & Telematics Systems. Berla Corporation Copyright 2015 by Berla. All Rights Reserved.

4G and 5G Cellular Technologies Enable Intelligent Transportation Use Cases

Managing IT Risk: What Now and What to Look For. Presented By Tina Bode IT Assurance Services

Intrusion Detection Adapted for Automotive Challenges for Hardware - An Implementation Example

Automotive Linux Summit 2017 May 31-June 2, 2017, Tokyo, Japan Advances and challenges in remote configuration of connected cars

Ken Agress, Senior Consultant PlanNet Consulting, LLC.

Information security summary

Security enhancing CAN transceivers. Bernd Elend Principal Engineer March 8 th, 2017

Securing the Connected Car. Eystein Stenberg Product Manager Mender.io

FORTIKA - Cyber Security Accelerator for trusted SMEs IT Ecosystems THE PROJECT

to Address Cyber Physical Systems Security (CPSSEC)

Complying with RBI Guidelines for Wi-Fi Vulnerabilities

Personal Cybersecurity

ANATOMY OF AN ATTACK!

Ido Sarig, General Manager, IOT Solutions Group DELIVERING END-TO-END INTELLIGENCE FOR THE INTERNET OF THINGS

Introduction to Cyber Security Issues for Transportation

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

Transcription:

PENETRATION TESTING OF AUTOMOTIVE DEVICES Dr. Ákos Csilling Robert Bosch Kft., Budapest HUSTEF 15/11/2017

Imagine your dream car 2

Image: 2017 ESCRYPT. Exemplary attack demonstration only. This is NOT a real attack/vulnerability! 3

Is this realistic? Even reputable IT companies are vulnerable to cyber attacks. Car hacking has also been widely reported in the media. Individual tools are easily available: Ransomware kit Botnet distribution In-vehicle exploit Online/offline infection (infotainment) Spread to reach engine control Engine lock command Diagnostic services Anonymous payment collection Unlock optional Image from Wikimedia, 2017 Christiaan Colen, licensed under cc-by-sa-2.0. 4

The car as a rolling computer centre Originally, cars were designed as closed systems. Cyber-security was not an issue. Many different! electronic control units (ECUs) on an inhomogeneous network. Strong cost incentive smallest possible controller, least possible memory, no complex calculations. Start up in seconds, reaction time is often critical, many real-time constraints. External connectivity (Infotainment, SW updates, emergency calls, v2x smart services, IoT back-end). CANbus designed for a closed environment, no inherent protection. Automotive Ethernet designed as an open environment, no inherent protection. Physically accessible Almost open access while parked. Third-party repair shops need diagnostic and repair access. Uncontrolled spare parts may be installed. Side-channel attacks on legitimate HW. Human factor: the owner may willingly or not compromise security. From an enterprise security point of view, pretty difficult! 5

Vehicle network vulnerability Wireless external connectivity (GSM, WiFi, Bluetooth) Connect to an IoT backend for smart services (parking, traffic info) Connect to smart infrastructure and other vehicles (v2x) Connect to user devices CANbus most common vehicle network Shared bus among many devices No source ID Simple priority arbitration based on message ID Easy to fake any message Accessible via On-Board Diagnostic (OBD) port 6

Proof of concept demo 7 Image: 2017 ESCRYPT.

Life-cycle risks Development (supply chain!) Bugs Unsecure features Information leaks Manufacturing (supply chain!) Key management Configuration control Maintenance (independent garages, spare parts) Access control to diagnostics functions (vs. antitrust regulations) Firmware update over the air (FOTA) Min. 15 years aftermarket parts availability Cloud-based connected services Very useful, but security and privacy must be guaranteed! 8

How to protect our cars? Learn from functional safety in the automotive industry Strict development process, requirement and test traceability, failure modes and effects analysis (FMEA) Coding rules, static analysis, test coverage Learn from classical enterprise and network security Cryptography, secure protocols, threat and risk analysis Coding rules, grey-box analysis, penetration testing Apply best practices at all levels Legal framework Organizational measures State of the art technology Healthy paranoia 9

Protection at all levels! Legal framework Define responsibility Define authority Define standards Technical aspects Use state of the art technology Domain-based vehicle architecture @ Hardware security module Back-end infrastructure and services Defensive design, secure coding Penetration testing and analysis Fast SW release and remote update capability Organizational aspects $ Clarify incentives Train people Security engineering process Risk and threat analysis Manage product lifecycle Security management In-field monitoring 10

Domain-based architecture Each domain has a separate controller Domain controllers isolate critical functions Central gateway connects the various domains controls external connectivity, diagnostics port implements firewall manages virtual networks (VLAN) Automotive Ethernet used between domains Point-to-point connections, managed switches Hardware security module (HSM) enables sophisticated security features 11

Our experience getting started Goal: build up security testing and analysis experience from zero Situation: existing conformance testing capability Action: try port scan on automotive Linux dev kit (GENIVI on Raspberry Pi) Results: Open ports: ssh + Diagnostic Log and Trace (DLT) DLT: Debug info leak + diagnostic commands accepted Conclusion: This is normal during development No real functionality no real attack surface The production configuration must be verified! Long way to go! Next step: Test actual products in development 12

Conclusions Hacking vehicles is a real threat Protection is not easy! Legislation is in progress Secure technology is available Using it correctly is challenging Organizational challenge Expect a constant battle! 13

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback