Automotive Systems Hacking
The significance of Automotive Security has been rapidly increasing, however, gaining entry into this research domain remains a challenging feat.
In this instructional program, we aim to impart fundamental knowledge on automotive protocols and systems that are required to understand all details and specialties of Electronic Control Units (ECUs). We provide physical ECUs for the purpose of hardware reverse engineering and elucidation. Moreover, we offer a virtualized and remote environment that helps to overcome the typical difficulties encountered during practical work on hardware systems. In the automotive industry, each Original Equipment Manufacturer (OEM) follows a distinctive design philosophy. Hence, we introduce relevant tools and background information, necessary for the exploitation of actual cars and ECUs. Lastly, we exhibit automation strategies for the assessment of automotive network security and system security.
Key Learning Objectives:
- How to identify attack surfaces on ECUs
- Understand low level CAN and CANFD communication and attacks
- Obtain an overview on common vehicle architectures and network topologies
- Know the most relevant protocols in vehicles
- Receive hands-on experience in automotive network scans
- Get an overview on toolchains of OEMs and their software update mechanisms
- Know basics about current immobilizer systems
Target Audience:
- Researchers and Engineers either with a Background in Security or in Automotive.
Requirements:
- Laptop with WiFi or Ethernet and Admin / root privileges
- (Arch) Linux is the preferred OS
- SSH client - Installation of latest Ghidra version
- Installation of Wireshark and Python3
Prerequisite:
- Basic knowledge of programming (C, Python)
- Basic knowledge of Linux
- Basic knowledge of embedded systems is a plus, but not required
- Basic knowledge of firmware reversing with Ghidra is a plus, but not required
- Basic knowledge of Wireshark or Scapy is a plus, but not required