Categories

DeepSec 2011: patching vehicle insecurities

Posted on Sunday, September 9th, 2012 in security, talks by the machinegeek


In this talk from the DeepSec 2011 conference Constantinos Patsakis and Kleanthis Dellios discuss their theory for developing more effective automotive security anti-theft systems.
They explain: “In order to patch known security breaches and create a more extensible in-vehicle computer system, we propose the use of a TTP (Time-Triggered Protocol) entity inside the vehicle, which sends the ignite signal to the engine only if the main parts of the vehicle have properly been authenticated. The vehicle’s MCU takes the role of the TTP, therefore applying a ‘Deny all’ policy towards any possible malicious hardware injection. In order to secure the MCU from software attacks, the MCU resides inside an application firewall which filters incoming traffic.”

This entry was posted on Sunday, September 9th, 2012 at 1:00 pm and is filed under security, talks. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

Leave a Reply

Notify me of followup comments via e-mail. You can also subscribe without commenting.

Recent Comments

  • coppice: If all you have found so far is fake iphones, the next place you should visit is SEG in Hua Qiang Bei. Get out of...
  • Edward Cooper: Great article and good find on the markets! Any chance you can provide the locations of these places? I'm in Shenzhen at the moment and...
  • Dan: I'm up for one
  • TrickyNekro: Always in for another bunch! :-D
  • mol-1: Maybe this time !