Presentation Material
Abstract
When you are driving a car today, you are driving a hugely powerful computer system that happens to have wheels and steering. There’s nothing on a car that is not mediated by a computer. At the core of all this is the Controller Area Network or CAN bus called as the central nervous system of a car which does intra-vehicular communication. But CAN is inherently insecure and fails to implement basic security mechanisms. This talk is going to be a practical guide on reverse-engineering the CAN bus packets using Instrument Cluster Simulator called ICSim. The talk is going to introduce you to Vehicle Network, ECU, vehicle Protocols, CAN Bus protocol, Reverse Engineering of CAN bus, identification of the arbitration ID of a specific vehicle event, replay attacks, send commands on your CAN Bus and also an introduction to several hardware tools needed.
AI Generated Summarymay contain errors
Here is a summary of the content:
The speaker, ,Yogesh, C, (expert in car hacking), discussed car hacking and automotive security. He explained how cars can be hacked through the OBD-II connector, which is used for diagnostic purposes. He demonstrated how packets can be sent to control various car systems, such as ABS braking, and how priority is given to packets with ID 0.
The speaker recommended reading “Car Hacker’s Handbook” by Open Garages for those interested in learning more about car hacking. He also mentioned that some car manufacturers use secure CAN protocols that implement encryption, but this is not widely adopted due to implementation costs.
During the Q&A session, the speaker answered questions on various topics, including:
- Autonomous cars: The OBD connector may still work in autonomous vehicles, but it’s not certain.
- Secure CAN: It’s possible to use encryption with secure CAN, but it’s not widely implemented due to cost.
- Communication protocols: Cars use custom protocols for communication, similar to TCP/UDP.
- IDS/IPS on cars: Implementing intrusion detection and prevention systems on cars is feasible but expensive to maintain.
- Monitoring car networks: It’s possible to monitor and collect data from car internal networks remotely.
The speaker concluded by recommending countermeasures against car hacking attacks, such as using encryption with private keys and implementing IDS/IPS systems.