DeepSec 2011: patching vehicle insecurities

September 9, 2012 in security, talks by the machinegeek | 0 comments


In this talk from the DeepSec 2011 conference Constantinos Patsakis and Kleanthis Dellios discuss their theory for developing more effective automotive security anti-theft systems.
They explain: “In order to patch known security breaches and create a more extensible in-vehicle computer system, we propose the use of a TTP (Time-Triggered Protocol) entity inside the vehicle, which sends the ignite signal to the engine only if the main parts of the vehicle have properly been authenticated. The vehicle’s MCU takes the role of the TTP, therefore applying a ‘Deny all’ policy towards any possible malicious hardware injection. In order to secure the MCU from software attacks, the MCU resides inside an application firewall which filters incoming traffic.”

This entry was posted in security, talks and tagged , .

Leave a Comment

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Notify me of followup comments via e-mail. You can also subscribe without commenting.