With the advent of connected cars, the threats on these vehicles are more and more important. While the car manufacturers are mainly interested in remote attacks, we will explain through this training that every bit of information can be useful to an attacker, and that local attacks should also be considered during the learning phase of the hackers, ultimately leading to remote attacks.
In this training, we will demonstrate several techniques that can be used to attack a connected ECU and compromise the entire vehicle. Each attendee will be provided with a demonstration ECU based on a RaspberryPi and a Teensy3.2 with a CAN transceiver. This ECU has the same architecture as a connected ECU, and contains several services that the attendees will attack.
The training is organized around slides explaining the theory of each attack (how it works, how you can use it), and a practical session to perform this attack on the demo ECU. The practical sessions should take most of the time of the training, and solutions will be provided during each session so that the attendees can learn how to perform each attack, and do it. In the end, a demonstration of each attack will be provided.
During each exercise, we will focus on why the attack was possible, as well as how to prevent this kind of attack. In the end of the training, we will present a global methodology to assess the security of a connected ECU and explain how to protect connected ECUs.
This training presents common attacks against connected ECUs, as well as several ways to prevent them. This is a hands-on training, so the attendees should expect to perform the attacks by themselves.
We will explain why connected ECUs are vulnerable to state-of-the-art attacks, and how to adapt common attacks to these devices.
The attendees should ideally have notions of reverse engineering, or at least be prepared to learn them quickly.
The attendees should be familiar with C programming.
The ability to read x86/ARM assembly is a plus.
Guillaume Heilles is a security engineer at Quarkslab. He's mainly focused on hardware attacks on IoT devices, but also on reverse engineering and exploitation. He has presented the Hardware CTF at hardwear.io since 2017 & a talk on How to drift with any car at 3r4th CCC 2017. Performing security assessments on connected ECUs is part of his daily work.