Presentation is loading. Please wait.

Presentation is loading. Please wait.

State of Security and Reliability of Connected Car EcoSystem

Published bySabrina Floyd Modified over 7 years ago

Similar presentations

Presentation on theme: "State of Security and Reliability of Connected Car EcoSystem"— Presentation transcript:

1 State of Security and Reliability of Connected Car EcoSystem
Atul Prakash Department of EECS University of Michigan, Ann Arbor Contact:

2 Our Research & Expertise
Security of IoT Frameworks Some recent accomplishments: FlowFence: Practical Data Protection for Emerging IoT Application Frameworks USENIX Security, 2016 Analyzed security of Samsung's SmartThings IoT framework and hub-based architecture. IEEE Security and Privacy Distinguished Practical Paper, 2016

3 Lines of Code in an Automobile
Source: Information is beautiful.net Source: Inforamtionisbeautiful.net

4 Reliability concerns Software is complex. Real-time requirements in many sub-systems. Large body of code implies existence of bugs Increasing attack surface over time Network access, Use of OBD-II port for tasks other than diagnostics

5 Do bugs have real-world impact?
Unquestionably. Ford Sync and Consumer Reports ratings Toyota brake/accelerator issue? Driver death when Tesla was in auto-pilot mode Chrysler recall: remote attack vulnerabilities in 2015

6 Reliability Challenge
Google/Facebook bug vs. bug in an automobile. Criticality? Size of software teams? Open source vs. closed source Where would top software engineering talent go today? Facebook? Auto companies? Why? Bug bounty programs? How do they compare?

7 A Bay Area company's Bug Bounty program

8 Auto Companies Bug Bounty Program
Great to see them come into existence Awards: Chrysler: $150 to $1500 GM. Hall of Fame. Not sure if there is a reward Ford? Not sure if one exists yet

9 One auto company: What bugs don't count?
Denial of service attacks Report of insecure SSL/TLS ciphers Open ports which do not lead directly to vulnerability Open redirect vulnerabilities Publicly accessible login panels Content spoofing/text injection

10 Posture towards those reporting bugs
A Bay Area company:

11 Posture towards those reporting bugs
One auto company X agrees to not pursue claims against researchers related to the disclosures submitted through this website who: … publicly disclose vulnerability details only after X confirms completed remediation of the vulnerability and not publicly disclose vulnerability details if there is no completion date or completion cannot be ascertained;

12 Which policy works for researchers?
A driving force for top researchers: conference deadlines My own team's experience: Vulnerabilities in SmartThings platform Vulnerabilities on banking web sites At most a few months window for us to hold back public disclosure Auto companies may need to adapt to such a time scale

13 Are connected cars risky?
Remote Exploit of an Unaltered Jeep Cherokee, Black Hat demo (Chris Valasek and Charlie Miller) 1.4M vehicle recall of Chrysler Vehicles. Multiple models recalled.

14 Basics of the Hack WiFi (crack password) -> Head Unit (Linux)
Alternative: Cellular network -> Head Unit (Linux) From there, compromised Multimedia System an then the CAN bus.

15 Was this the earliest attack?
No. It just got a lot of attention since the identity of the vehicle was revealed. Similar attack demonstrated earlier by a UCSD-UW team of researchers in on an unidentified car (at that time) In 2010, at IEEE S&P, they showed that CAN bus is insecure. Physical access to the OBD-II port, for example, allowed full compromise of the car In 2011, at Usenix Security, they showed remote exploits

16 Attacks on Car Platforms
research by UCSD & UW

17 Key takeaways Can cars be completely compromised if attackers get access to the CAN bus? Yes. ECUs can be reprogrammed with new firmware, commands can be injected to control actuators and devices or to control ECUs. Also, backup safety systems can be blocked from communicating

18 Response time for security fixes
For attack, according to a Wired article, it was a GM Impala vehicle. Researchers shared the attack details with GM, but not with the public (nor the identity of the vehicle). It took GM approximately 5 years to fix. For 2015 attack, identity of the vehicle was made public. It led to a quick recall and fix by Chrysler.

19 Lesson? Reveal Did revealing the identity of the vehicle have to do with a quicker response? Or differences in car companies? More likely that the auto industry were not ready to handle security issues in 2010, but is now much better According to UW-UCSD researchers, it would have been a bad idea to reveal the car's identity in , given the nascent state of automobile security at the time

20 How fundamental are the problems?
CAN bus: 30-year old design. No security features. All bets off once a hacker accesses the CAN bus via any component on the bus or via the OBD port Retrofitting security in the standard likely hard or impossible (though companies are trying) Likely: CAN bus needs to be replaced by a more secure standard

21 What about "air gap"? Car companies try to isolate infotainment systems from safety-critical systems. In practice, air gap is often not a true air gap. Shared components can breach the gap In exploited Jeep, the Multimedia Unit was not directly on the CAN bus. Nevertheless, attackers were able to get on the CAN bus

22 OBD-II port Law since 1996 requires a standard diagnostic port for mechanics. Directly on the CAN bus Multiple of devices available that plug into the port, some with apps.

23 Are security problems still there?
Yes! Fundamentally, they never went away They continue to be discovered. Same 2014 Jeep was attacked again at BlackHat 2016 via a different attack vector Sevearl papers at IEEE Security and Privacy 2016 and Usenix Security Symposium 2016 on automotive security

24 Are attackers incentivized to exploit them?
Jury is out, but history on other platforms suggests Yes. Ransomware, creating nuisance, eavesdropping and privacy leaks, and targeted attacks: all theoretically possible State actors should not be ruled out

25 What can car companies do?
Emulate software companies like Google, Facebook, Apple, and Microsoft Work closely with academic security researchers. Car communication infrastructure needs re-think. Be more open. Security by obscurity usually does not work Assume that motivated hackers will eventually be there as connected cars become more popular and share software components. Some predictions: Ransomware to allow car use We will be getting weekly or monthly software upgrades

Download ppt "State of Security and Reliability of Connected Car EcoSystem"

Similar presentations

Security and Risk Management. Who Am I Matthew Strahan from Content Security Principal Security Consultant I look young, but I’ve been doing this for.

Security and Risk Management. Who Am I Matthew Strahan from Content Security Principal Security Consultant I look young, but I’ve been doing this for.
Michael Westra, CISSP June 2012 2012 BSides Detroit Security Presentation: Vehicle Hacking “If you think technology can solve your security problems, then.

Michael Westra, CISSP June BSides Detroit Security Presentation: Vehicle Hacking “If you think technology can solve your security problems, then.
Web Security Demystified Justin C. Klein Keane Sr. InfoSec Specialist University of Pennsylvania School of Arts and Sciences Information Security and Unix.

Web Security Demystified Justin C. Klein Keane Sr. InfoSec Specialist University of Pennsylvania School of Arts and Sciences Information Security and Unix.
Evolving Threats Paul A. Henry MCP+I, MCSE, CCSA, CCSE, CISSP-ISSAP, CISM, CISA, CIFI, CCE Florida PI License C2800597 Forensics & Recovery LLC Florida.

Evolving Threats Paul A. Henry MCP+I, MCSE, CCSA, CCSE, CISSP-ISSAP, CISM, CISA, CIFI, CCE Florida PI License C Forensics & Recovery LLC Florida.
Web Applications Testing By Jamie Rougvie Supported by.

Web Applications Testing By Jamie Rougvie Supported by.
+ Moving Targets: Security and Rapid-Release in Firefox Presented by Carlos Bernal-Cárdenas.

+ Moving Targets: Security and Rapid-Release in Firefox Presented by Carlos Bernal-Cárdenas.
Ethics CSE 591 – Security and Vulnerability Analysis Spring 2015 Adam Doupé Arizona State University

Ethics CSE 591 – Security and Vulnerability Analysis Spring 2015 Adam Doupé Arizona State University
OBD Technology Update 5/3/2016.

OBD Technology Update 5/3/2016.
Www.appmobi.com The Fallacy Behind “There’s Nothing to Hide” Why End-to-End Encryption Is a Must in Today’s World.

The Fallacy Behind “There’s Nothing to Hide” Why End-to-End Encryption Is a Must in Today’s World.
Lecture 19 Page 1 CS 236 Online 6. Application Software Security Why it’s important: –Security flaws in applications are increasingly the attacker’s entry.

Lecture 19 Page 1 CS 236 Online 6. Application Software Security Why it’s important: –Security flaws in applications are increasingly the attacker’s entry.
Understanding Threat Models for Embedded Devices Jake Edge LWN.net Embedded Linux Conference Europe October 28, 2010.

Understanding Threat Models for Embedded Devices Jake Edge LWN.net Embedded Linux Conference Europe October 28, 2010.
Common System Exploits Tom Chothia Computer Security, Lecture 17.

Common System Exploits Tom Chothia Computer Security, Lecture 17.
Global Worldwide Connected Cars Market “Global Connected Cars Market, By Technology (2G, 3G, 4G, GNSS), By Connectivity (Embedded, Integrated, Tethered),

Global Worldwide Connected Cars Market “Global Connected Cars Market, By Technology (2G, 3G, 4G, GNSS), By Connectivity (Embedded, Integrated, Tethered),
November 14, 2016 bit.ly/nercomp_defendingyourdata16

November 14, 2016 bit.ly/nercomp_defendingyourdata16
Botnets A collection of compromised machines

Botnets A collection of compromised machines
Pearson Writer.

Pearson Writer.
Total Car Diagnostics ELM327 USB scanner can read numerous car data/parameters that handheld scan tools can't. Combined with powerful OBD software — you'll.

Total Car Diagnostics ELM327 USB scanner can read numerous car data/parameters that handheld scan tools can't. Combined with powerful OBD software — you'll.
2017 Atlanta RIMS Educational Conference

2017 Atlanta RIMS Educational Conference
3 Do you monitor for unauthorized intrusion activity?

3 Do you monitor for unauthorized intrusion activity?
Koji Nakao, Dai Arisue NICT, Japan

Koji Nakao, Dai Arisue NICT, Japan

Similar presentations

Ads by Google