Planning events, particularly those presenting innovative and complex cybersecurity technologies, takes a village.
Planning events, particularly those presenting innovative and complex cybersecurity technologies, takes a village. As ASRG is a not-for-profit organization, we rely heavily on volunteers. Our volunteers range in skills from information security to business development to marketing. Most work full time in related cybersecurity or automotive companies. They are located around the world and serve in high responsibility positions. Yet, somehow over the last few months, they have found the time to contribute to the greater good of catalyzing assured cybersecurity for our impending extremely exposed and vulnerable smart mobility market.
Therefore, this platform is to convey our deep appreciation for the hours of work invested in putting together Secure Our Streets 2022.
Hope to see you all again next year!
The idea of the keynote entitled “Empowering the correct implementation of cybersecurity in automotive development projects: 7 prerequisites that must be present in management and engineering” is to take the experience gained from projects with international OEMs and tier-N suppliers from the perspective of one of the world’s leading consulting firms for strategic guidance and operational implementation of cybersecurity in automotive development as a starting point to compile tangible lessons learned and recommendations for action in a generally applicable manner.
The purpose is to outline recurring shortcomings and weaknesses in practice that currently dominate the day-to-day work of cybersecurity managers as well as cybersecurity engineers in the different organizations of the supply chain and their respective automotive development projects.
In detail, illustrated with examples and concrete observations from the daily engineering practice, the following problems will be addressed:
One of the most important recommendations for action: The early and comprehensive development of cybersecurity competencies, aligned with the roles and functions of the organization and compliant with the evidence obligations of the most important industry standards and regulations.
Mr. Manuel Sandler is Partner of CYRES Consulting, headquartered in Munich, Germany. After graduating with Bachelor and Master degrees in Mathematics, his career in the automotive industry started as a development engineer for Functional Safety. Responsible for resource planning in international functional safety development projects at leading OEMs and tier-1 suppliers, he was able to develop an early understanding of the balancing act between compliance with standards and regulations on the one hand and the complexity of cross-organizational development projects on the other. Later on that, he was responsible for supporting the global engineering cybersecurity management at a leading tier-1-supplier. In addition to conceptual responsibility for the global engineering process landscape with a focus on systems engineering and cybersecurity, he was responsible for identifying, evaluating, piloting and rolling out best practices. This included the launch of a globally rolled-out competency management and training initiative focused on role- and function-based automotive cybersecurity training. After joining CYRES Consulting, one of the leading consultancies for strategic design and operational implementation of automotive cybersecurity, as an Associate Partner, he now leads as a Partner the international teams that ensure the implementation of cybersecurity requirements for OEMs, Tier-N-Suppliers as well as new technology providers from all over the world. Manuel Sandler is a highly requested speaker for advanced automotive cybersecurity keynotes as well as co-author of The Essential Guide to ISO/SAE 21434 (published by CYRES Consulting, 2021), which is the world’s first officially ISO/DIN licensed technical p
A buffer overflow is a condition in which the amount of data written to a buffer exceeds the buffer’s intended capacity, and unintentionally overwrites areas of memory not intended to be overwritten.
Understanding buffer overflows is a key step in understanding how programs can be targeted by cyber-attacks and understanding how secure coding practices can improve a system’s security posture.
Bluetooth is one of the most common wireless networks found in vehicles today. When developing an application to connect to a Bluetooth interface, it is important to keep in mind the types of data that the application will receive and try to minimize the possibility of attack via data injection over Bluetooth.
This presentation will demonstrate a simple Buffer Overflow attack targeted at an intentionally vulnerable application designed to accept user input data over Bluetooth.
Kamel is a veteran of the automotive cybersecurity community, having spent over 3 years as an expert car hacker, technical trainer, and contributor to worldwide industry-focused communities such as the SAE, ASRG, and the Car Hacking Village. His particular areas of focus within vehicle security are Bluetooth, RF, and in-vehicle networks. He currently works at White Motion – a subsidiary of the global automotive supplier Marelli – where he leads the vehicle security research team, assessing vehicle systems and training customers in state-of-the-art car-hacking techniques. Outside the garage, Kamel is an amateur chef, ukulele player, and fighting game enthusiast.”
High levels of autonomy require alternative security development lifecycle methods than current platforms. Where are the most differences in approach and platform design between current platforms and autonomous vehicles from the guidance, navigation and fleet management perspectives.
Secure EV Charging: Plug and Charge