SOS 2022
SOS 2022 was supported by leaders of the Industry.
Without their continued support and contribution, we would not be able to bring this level of value to you, our members. Please support them as they have supported us.
Platinum Sponsors
Gold Sponsors
Silver Sponsors
SOS 2022
Thank you
for the support
Planning events, particularly those presenting innovative and complex cybersecurity technologies, takes a village.
Planning events, particularly those presenting innovative and complex cybersecurity technologies, takes a village. As ASRG is a not-for-profit organization, we rely heavily on volunteers. Our volunteers range in skills from information security to business development to marketing. Most work full time in related cybersecurity or automotive companies. They are located around the world and serve in high responsibility positions. Yet, somehow over the last few months, they have found the time to contribute to the greater good of catalyzing assured cybersecurity for our impending extremely exposed and vulnerable smart mobility market.
Therefore, this platform is to convey our deep appreciation for the hours of work invested in putting together Secure Our Streets 2022.
Hope to see you all again next year!
Organizers
- John Heldreth
- Rina Espiritu
- Abdul Rahman Sattar
- Shalabh Jain
- Eden Ben Shabat
Sponsors
- Cybellum
- ASRG
- VicOne
- Cymotive
- Kugler Maag
- Onekey
Special Mention
- Susan Becker
CFP Program Committee
- Stefano Di Paola
- Patric Lenhart
- Shalabh Jain
- Rina Espiritu
- Eden Ben Shabat
- David Evans
- Dominik Bayerl
- Michael Golosovsky
- Marco Michl
- Abdul Rahman
- Carol Tang
Presenters
Manuel Sandler
- Kamel Ghali
- Dr. Ken Tindell
- Mohammed Shine
- Stefania Chaplin
- Benny Meisels
- Noel Lowdon
- Nils Weiss
- Mike Curnow
- Gilad Bandel
- Peter Maynard
- Tao Zhang
- Matthew Moser
- Cristian Ion
- Kartheek Lade
- Tamara Shoemaker
- Janahan Skandaraniyam
- Ranwa Al Mallah
- Guy Molho
- Fabian Weber
- Florian Schmid
- Matthew Carpenter
- Carla Trevino
Schedule and Presentations
1:30 PM
(UTC)
1:45 PM
(UTC)
Implementing CySec in automotive development projects right: 7 Management and Engineering Must Haves
45 mins
The idea of the keynote entitled “Empowering the correct implementation of cybersecurity in automotive development projects: 7 prerequisites that must be present in management and engineering” is to take the experience gained from projects with international OEMs and tier-N suppliers from the perspective of one of the world’s leading consulting firms for strategic guidance and operational implementation of cybersecurity in automotive development as a starting point to compile tangible lessons learned and recommendations for action in a generally applicable manner.
The purpose is to outline recurring shortcomings and weaknesses in practice that currently dominate the day-to-day work of cybersecurity managers as well as cybersecurity engineers in the different organizations of the supply chain and their respective automotive development projects.
In detail, illustrated with examples and concrete observations from the daily engineering practice, the following problems will be addressed:
- Distinctions and synergies between IT security and automotive cybersecurity
- Linking quality of software and system with cybersecurity along the V-model
- Importance of systematic strategic cybersecurity implementation instead of insular tool approaches, shortcuts and idea of cybersecurity as an addon
- Management commitment to cybersecurity and organizational structure for projects
- Re-use principles, synergies, template management, libraries and scope of cybersecurity activities
- Cybersecurity organization structure, roles, responsibilities
- Consideration of cybersecurity in project and product life cycle, cybersecurity stakeholders, awareness and culture
One of the most important recommendations for action: The early and comprehensive development of cybersecurity competencies, aligned with the roles and functions of the organization and compliant with the evidence obligations of the most important industry standards and regulations.
Manuel Sandler
Partner, CYRES Consulting
Mr. Manuel Sandler is Partner of CYRES Consulting, headquartered in Munich, Germany. After graduating with Bachelor and Master degrees in Mathematics, his career in the automotive industry started as a development engineer for Functional Safety. Responsible for resource planning in international functional safety development projects at leading OEMs and tier-1 suppliers, he was able to develop an early understanding of the balancing act between compliance with standards and regulations on the one hand and the complexity of cross-organizational development projects on the other. Later on that, he was responsible for supporting the global engineering cybersecurity management at a leading tier-1-supplier. In addition to conceptual responsibility for the global engineering process landscape with a focus on systems engineering and cybersecurity, he was responsible for identifying, evaluating, piloting and rolling out best practices. This included the launch of a globally rolled-out competency management and training initiative focused on role- and function-based automotive cybersecurity training. After joining CYRES Consulting, one of the leading consultancies for strategic design and operational implementation of automotive cybersecurity, as an Associate Partner, he now leads as a Partner the international teams that ensure the implementation of cybersecurity requirements for OEMs, Tier-N-Suppliers as well as new technology providers from all over the world. Manuel Sandler is a highly requested speaker for advanced automotive cybersecurity keynotes as well as co-author of The Essential Guide to ISO/SAE 21434 (published by CYRES Consulting, 2021), which is the world’s first officially ISO/DIN licensed technical p
2:35 PM
(UTC)
Automotive Exploitation Demo - Exploiting a Buffer Overflow Over Bluetooth
30 mins
A buffer overflow is a condition in which the amount of data written to a buffer exceeds the buffer’s intended capacity, and unintentionally overwrites areas of memory not intended to be overwritten.
Understanding buffer overflows is a key step in understanding how programs can be targeted by cyber-attacks and understanding how secure coding practices can improve a system’s security posture.
Bluetooth is one of the most common wireless networks found in vehicles today. When developing an application to connect to a Bluetooth interface, it is important to keep in mind the types of data that the application will receive and try to minimize the possibility of attack via data injection over Bluetooth.
This presentation will demonstrate a simple Buffer Overflow attack targeted at an intentionally vulnerable application designed to accept user input data over Bluetooth.
Kamel Ghali
Automotive Cybersecurity Architect, White Motion
Kamel is a veteran of the automotive cybersecurity community, having spent over 3 years as an expert car hacker, technical trainer, and contributor to worldwide industry-focused communities such as the SAE, ASRG, and the Car Hacking Village. His particular areas of focus within vehicle security are Bluetooth, RF, and in-vehicle networks. He currently works at White Motion – a subsidiary of the global automotive supplier Marelli – where he leads the vehicle security research team, assessing vehicle systems and training customers in state-of-the-art car-hacking techniques. Outside the garage, Kamel is an amateur chef, ukulele player, and fighting game enthusiast.”
(UTC)
CryptoCAN: Encrypted messaging on CAN bus
30 mins
CAN was designed in the mid 1980s before devices on CAN were connected remotely and before security was a major issue. Today the situation is different and protecting messaging on CAN is important. A way to do that is to use cryptography so that only authorized senders can create valid messages and only authorized receivers can decode them. The encryption scheme presented converts a standard CAN frame into a protected message for transmission on CAN and then back again at receivers, using dedicated cryptographic hardware or pure software. The scheme is designed to meet the specific requirements for CAN communication, keeps message payloads secret, prevents spoofing attacks, and can run on resource-constrained hardware.
Dr. Ken Tindell
CTO, Canis Labs
Dr. Ken Tindell is the CTO of Canis Labs. He obtained his doctorate in real-time systems from the University of York and has spent many years in the automotive industry, focused on tools and technology for in-vehicle real-time embedded systems. He formulated timing analysis for CAN bus to guarantee frame latencies and invented the three buffer systems for CAN controllers to avoid priority inversion. He has co-founded several automotive startups, including LiveDevices (later acquired by Bosch) and Volcano Communications Technologies (later acquired by Mentor Graphics).
3:05 PM
(UTC)
Hacking a Connected Car via APIs
30 mins
The talk would be “How I hacked into a Honda Connected Car. The mobile app used by the connected car used weak security mechanisms in its APIs for access controls which would allow a malicious user to perform actions like starting the car, locking/unlocking car etc. remotely by interacting with it’s Telematics Control Unit (TCU).
Mohammed Shine
Chapter Lead , Automotive Security Research Group
Shine is an adventure motorcyclist and a Lead Security Engineer in AppSec by profession. He is an avid bug bounty hunter, researcher and has showcased his talks in conferences like Defcon CHV, c0c0n, OWASP Kerala, HackP…
(UTC)
Securing Software Delivery in Automotive
30 mins
The average car has more or less 100 million lines of code. As the automotive industry becomes more reliant on software, this drastically increases potential vulnerabilities. How can we reduce vulnerabilities effectively and keep a car’s software system protected? What types of security testing should be included? How do we avoid exposure to potentially dire consequences? The implementation of DevOps has improved the way in which we deliver software however security is often considered an afterthought. How can we reduce vulnerabilities by enabling collaboration between different teams?
In this session, we will look at real-world examples, how to manage vulnerabilities, and implement ways that allow development and security to collaborate efficiently. More specifically:
Common misconceptions about “Shifting left”.
The importance of collaboration between Development, Security, and Operations teams
Reducing security exposure and consistent compliance with the policy.
Stefania Chaplin
Solutions Architect UK&I, GitLab
Stefania’s (aka DevStefOps) experience as a Solutions Architect within DevSecOps, Security Awareness, and Software Supply Chain Management mean she’s helped countless organisations understand and implement security throughout their SDLC. As a python developer at heart, Stefania enjoys optimising and improving operational efficiency by scripting, automating, and creating integrations. She is a member of OWASP DevSlop, hosting their technical shows. When not at a computer, Stefania enjoys surfing, yoga, and looking after all her tropical plants.
3:35 PM
(UTC)
99% complete, don't turn off your car - Automotive OTA Security for the connected vehicle
30 mins
Over-The-Air (OTA) updates for vehicles are becoming the standard in 2022. Infotainment OTA updates have been available for over a decade; but now, multiple OEMs offer OTA updates for additional ECUs in the vehicle.
This change introduces challenges in the form of new attack surfaces, and opportunities for improving automotive security, such as enabling the ability to fix security issues remotely.
This session briefly introduces how Automotive OTA works. We examine some aspects of the design and implementation of an end-to-end secure Automotive Software Update solution. Based off actual findings in security reviews conducted by CYMOTIVE, we describe common security misconceptions and show how they cause vulnerabilities in automotive OTA update implementations. We conclude the session by presenting some ideas for improving the OTA development process.
Benny Meisels
Lead Solution Architect, CYMOTIVE technologies LTD
Benny is a security architect with over 9 years of security research experience in Both IT and embedded systems.
He enjoys figuring out how complex systems operate and how to improve their design.
His research topics include embedded software security, automotive architecture security, and HW security.
After work hours Benny enjoys long walks and working on electronic conference badges.
For the last 4.5 years, Benny has been working in CYMOTIVE on automotive research and architecture.
(UTC)
Vehicle Systems Forensics - Back to the Future
30 mins
“Vehicle Systems Forensics. – Back To The Future”
Hey Doc’, I hear you cry – but no, not Doc Emmett Brown, but Doctor Edmond Locard (1877 – 1966). Locard was a French Criminalist known for being a pioneer in forensic science and formulated the basic principle of forensic science as: “Every contact leaves a trace”.
In this presentation, I take a look at the world of Vehicle Systems Forensics and look back on some cases where automotive data has helped detect some serious crimes and collisions in the UK. We look at how a digital trace was left to assist these cases and why those in the automotive cybersecurity space need to be mindful of what systems they are developing now which can help in future investigations where vehicles will be exploited in the criminal arena.
Noel Lowdon
Director, Harper Shaw
Noel Lowdon is a Vehicle Systems Forensics Investigator & registered expert with the National Crime Agency. His company assists Law Enforcement Agencies with maximizing vehicle data opportunities for serious crime and collision investigations and is seen as a leading resource in this field. Noel’s background is in Law Enforcement as a Detective where he was responsible for investigating serious and complex crimes involving vehicles. He has recently developed a Vehicle Systems Forensics Training Programme and an App that is a resource hub for modern vehicle-related investigations which will complement the training programme for continuing development. His work in this field has seen him acquiring data, preparing expert reports, and giving evidence at many trails involving vehicle data that has been acquired from a variety of different vehicle systems in both fatal collision & murder cases.
4:35 PM
(UTC)
Automotive Network Scans with Scapy
30 mins
This talk shows novel scanners and fuzzers for automotive network communication. Over the last two years we’ve developed automated tools for transport- and application-layer scans of automotive protocols based on Scapy. We explain the usage and advantages of these tools and dive into the complexity of the system states of ECUs. Finally, we show how custom fuzzers for stateful network fuzzing can be created. The following protocols are covered: CAN, ISOTP, UDS, GMLAN, OBD, DoIP, HSFZ.
Automotive software of control units uses state machines all over the place. The attack surface of an ECU is extremely dependent on the current system state. Therefore, any penetration test on ECUs has to be performed with the system state in mind. In recent years, we’ve created fully automated tools for Transport-Layer and Application-Layer network scans. We will explain these scanners in detail and show how they can be used for penetration testing. Furthermore, we will show examples of systems states by reverse engineering automotive firmware. We explain how the gathered information can be transferred to an automated tool based on our scanner. This covers details of the software-update process of automotive systems and examples of system states found during normal operation. Finally, we show how the scanner tool can be transformed into a stateful automotive network fuzzer, with just a few modifications.
Nils Weiss
Co-Founder, dissecto GmbH
Dr. Nils Weiss worked at the Laboratory for Safe and Secure Systems
(las3.de) of the University of Applied Sciences in Regensburg. He is
focusing on automotive security research for more than 6 years. After
an internship at Tesla Motors, Nils decided to start with automotive
security research. During his bachelor’s and masters programs, he started
with penetration testing of the entire vehicle. Besides penetration
testing of automotive systems, he is contributing to open source
penetration testing frameworks for automotive systems (Scapy).
Recently, he co-founded the dissecto GmbH.
(UTC)
Cell Games - Cell Network Subversion in Transportation
30 mins
Clause 9 of the ISO/SAE 21434 regulation requires that OEMS, tier 1 and 2 manufacturers, and security analysts provide high-quality documentation during the concept phase of a product’s lifecycle. It is vital that the documentation includes which mitigation from UNECE R155 was selected, as it is necessary for validation and verification testing. Deliverables created during this period include item definitions, cybersecurity goals, and cybersecurity concepts. To produce an agreed-upon machine-readable standard format; itemis, Block Harbor Cybersecurity, and Keysight came together to create a draft designed for security consultants to test the cybersecurity of projects at the conceptual level. This work is created as part of the efforts of the ASRG Technical Committee for Risk Data Exchange. In the presentation, we will demonstrate the outcome of this collaboration. We first outline the use case, then illustrate the data structure we came up with, and finally share our design considerations.
Mike Curnow
CEO , Defiant Networks, Inc
I do 2 things: 1) I’m working on making the next-generation of the Internet; and 2) I work on mitigating real-world damage and loss of life potential from components in critical infrastructure and cyberphysical systems.
5:05 PM
(UTC)
Is cybersecurity protection of commercial vehicles harder?
30 mins
Let’s put it bluntly, the commercial vehicle cybersecurity landscape has significant financial and other “advantages” for hackers to make them a prime target, evidenced by the increased frequency of cyberattacks on fleets:
Trucks are part of the commercial vehicle group transporting daily tens of billions of US dollars of goods between various locations. The tremendous value of their goods can provide huge commercial motivation for hackers to attack these vehicles, which will cause considerable financial and legal damages.
Damage to mission-critical or military equipment transported by trucks can put a country at risk when affected by an attack by politically motivated individuals or organizations.
So, it is logical to say that the risk level from commercial vehicles is considerably higher than passenger vehicles, making them prime targets for professional or even nation-state attackers.
Let’s put it bluntly, the commercial vehicle cybersecurity landscape has significant financial and other “advantages” for hackers to make them a prime target, evidenced by the increased frequency of cyberattacks on fleets:
Trucks are part of the commercial vehicle group transporting daily tens of billions of US dollars of goods between various locations. The tremendous value of their goods can provide huge commercial motivation for hackers to attack these vehicles, which will cause considerable financial and legal damages.
Damage to mission-critical or military equipment transported by trucks can put a country at risk when affected by an attack by politically motivated individuals or organizations.
So, it is logical to say that the risk level from commercial vehicles is considerably higher than passenger vehicles, making them prime targets for professional or even nation-state attackers.
We shall overview the specifics of the heavy-duty commercial vehicles, discuss the in-vehicle network technology and explain the specific solutions to tackle those challenges.
Gilad Bandel
Business Development, Cymotive Technologies
Gilad leads the automotive cybersecurity business development and product marketing at CYMOTIVE Technologies. His focus is on delivering state-of-the-art, unique, and innovative solutions for automotive cybersecurity protection.
Gilad is an accomplished executive with over 30 years of experience in the cybersecurity and networking industries. Having covered markets in Europe, America, and the APAC regions, Gilad is a renowned expert in conceptualizing and developing go-to-market strategies. He specializes in business development for cybersecurity solutions for the automotive, IoT, critical infrastructure, and homeland security markets.
Prior to joining CYMOTIVE, Gilad served as VP of Product and Marketing at Arilou Automotive Cybersecurity, as VP of Product at Radiflow, and as Director of Product Management at CyberSeal. Earlier positions held include VP of R&D, and CTO at leading networking, telecommunication, and homeland security companies.
(UTC)
Networks in Flux: The Significance of Dynamic Networks within the Automotive Domain
30 mins
Future networking methods are moving away from the traditional static flat networks, towards a more flexible and dynamic approach. Existing networks, partition devices into logically isolated segments, allowing resources to determine their course of communication depending on the situation at hand. Using technologies like 5G slicing, this is transparent to the end users, while at the same time adding additional complications for ensuring the security of the data. In the automotive domain, where critical internal vehicle frames are transmitted over 5G networks, it becomes imperative that these messages: a) arrive within a minimum time, and b) ensure the message is integrity and confidentially protected.
Many traditional security methods, such as VPN and TLS, are not suited to the dynamic nature of future networks due to the higher operating expenses and increased latency, this is especially true in the automotive domain which operates using resource-constrained devices and a need for low latency communication over restricted communication mediums. Moreover, these security methods tend to not provide true End-to-End security as they are not designed to secure low-level Fieldbus protocols (e.g. CANBus, LIN, FlexRay), this is exasperated by the dynamic nature of future networks, including the sharing of networking infrastructure within 5G systems.
This presentation investigates future networking designs and how this applies to automotive, then identifies several security concerns resulting from the changes in the networking paradigm. Finally, we discuss how to apply true End-to-End Zero-Trust principles to the automotive industry to address security concerns, while also allowing for transparent and flexible network routing.
Peter Maynard
Senior Security Analyst (IT/OT), Angoka
Has a Ph.D. in Critical Infrastructure Security, from Queen’s University Belfast (UK), where he developed and performed novel attacks on Industrial Control System (ICS) networks. He spent a while hunting ICS malware and investigating targeted intrusions e.g. HAVEX and CrashOverride to derive a set of commonalities between intrusions for use in developing future detection systems. Currently, he works on developing a novel Root of Trust mechanisms and lightweight authentication cryptographic protocol for use in machine-to-machine networks.
5:35 PM
(UTC)
Edge Computing and Automotive Security
50 mins
Keynote | This talk will start with a look at how edge computing has progressed and where it may be going. It will then discuss selected unique challenges in securing connected and automated vehicles. Following that, it will use a couple of examples to show potential roles of edge computing in securing connected and automated vehicles.
Tao Zhang
Manager – Transformational Networks and Services , NIST
Dr. Tao Zhang, an IEEE Fellow, has been leading research, product development, and corporate strategies to create disruptive innovations and transform them into standards and products. He is currently managing the Transformational Networks and Services Group in the Communications Technology Lab at NIST. He was the Chief Scientist / CTO for Smart Connected Vehicles at Cisco Systems, and Chief Scientist and the Director of multiple R&D groups focusing on wireless and vehicular networking at Telcordia Technologies (formerly Bellcore). He cofounded the OpenFog Consortium and the Connected Vehicle Trade Association (CVTA) and served as a founding Board Director for them. Tao holds ~60 US patents and coauthored two books “Vehicle Safety Communications: Protocols, Security, and Privacy” and “IP-Based Next Generation Wireless Networks”, and ~100 peer-reviewed technical papers. He served as the CIO and a Board Governor of the IEEE Communications Society and as a Distinguished Lecturer of the IEEE Vehicular Technology Society.
6:30 PM
(UTC)
R155 Informed Authoring of Cybersecurity Test Plans
30 mins
Clause 9 of the ISO/SAE 21434 regulation requires that OEMS, tier 1 and 2 manufacturers, and security analysts provide high-quality documentation during the concept phase of a product’s lifecycle.
It is vital that the documentation includes which mitigation from UNECE R155 was selected, as it is necessary for validation and verification testing.
Deliverables created during this period include item definitions, cybersecurity goals, and cybersecurity concepts. To produce an agreed upon machine readable standard format; itemis, Block Harbor Cybersecurity, and Keysight came together to create a draft designed for security consultants to test the cybersecurity of projects at the conceptual level.
This work is created as part of the efforts of the ASRG Technical Committee for Risk Data Exchange. In the presentation, we will demonstrate the outcome of this collaboration.
We first outline the use case, then illustrate the data structure we came up with, and finally share our design considerations.
Matthew Moser
Software Engineer, itemis Inc/itemis SECURE
Matthew Moser works on the composition and development of numerous software tools to provide greater utility for client-focused TARAs as a part of itemis SECURE. In addition to his software development responsibilities, he functions as a customer success manager and onboarding point of contact for itemis clients based in the United States.
(UTC)
Security Challenges in Autonomous Vehicle Market Entry
30 mins
High levels of autonomy require alternative security development lifecycle methods than current platforms. Where are the most differences in approach and platform design between current platforms and autonomous vehicles from the guidance, navigation and fleet management perspectives.
Cristian Ion
Head of Secure Engineering, Engineering Services, Cymotive Technologies GmbH
An IT security expert in automotive and application security, since 2017, Cristian has been building an accomplished team of security experts, risk engineers, security architect testers, and penetration testers.
He fulfills the role of Cymotive’s Lead Architect for the following areas:
Driver assistance and autonomous driving functions (SAE L3 autonomous driving – Highway Pilot, Rush Hour Pilot, Autonomous Parking, L2 autonomous function set.)
E-Mobility – digital key (CDIS) – in-vehicle and backend security architecture (vehicle ride-sharing for fleet operators and end users)
Core platform ECU architecture (core high-performance computing ECUs)
Vehicle to backend connectivity core services
Cristian has 20 years of experience in cyber defense. In previous roles, he was responsible for security architecture, processes, and controls for secure application development, secure architecture, and protecting sensitive information – both against internal and external threats for large listed (DAX) companies. Cristian studied computer science and economical engineering at TU Darmstadt/University Bucharest and post-graduate studies in cybersecurity.
7:10 PM
(UTC)
Rump Session
15 mins
The rump session is an open forum to come on stage and give quick (few minutes) presentations of tools, ideas, events, etc. regarding automotive security. Please get in contact with Shalabh Jain over Airmeet to get your name on the list.
Kartheek Lade
IoT Security Researcher, Payatu
Kartheek Lade is an IoT Security Researcher, who works in the Automotive & Hardware verticals of IoT security at Payatu. He is constantly learning about wireless security & ISO/SAE 21434. He loves contributing and being a part of security communities and helping people get started in Cyber Security.
Tamara Shoemaker
Cybersecurity Training Leader, Automotive ISAC
Tamara is Cybersecurity Training Lead at Auto-ISAC, after having spent the last 17 years in higher education. Prior to joining the organization, she was the Director of the University of Detroit Mercy’s Center for Cybersecurity and Intelligence Studies, an NSA/DHS center of academic excellence in cyber defense education (CAE/CDE). Her primary mission there was to address the critical shortage of specifically educated and trained cybersecurity professionals in the region. In that capacity, she founded a broad coalition of community colleges and universities across the region (MCISSE), as well as the Michigan CyberPatriot program. The MCISSE coalition helped regionals schools map to the current NSA guidelines and the AFA CyberPatriot K-12 program has radically increased the number of high school students who are interested in the field of Cybersecurity.
7:25 PM
(UTC)
AI Applications in Automotive Security
45 mins
Keynote | This talk will focus on the applications of AI technology in automotive security from a present and future perspective. Given that the intersection of AI and security is currently unfolding at a fast and unprecedented pace with AI technology penetrating every security domain and industry vertical, this talk will also delve into the nuances of AI technology in automotive security and its overlaps with other domains and verticals.
Janahan Skandaraniyam
Snr. Director Security Intelligence and Analytics, Arctic Wolf
Janahan Skandaraniyam is currently Senior Director of Research and Development at Arctic Wolf Networks where he leads the AI & Data Science, Security Research, and Threat Intelligence Research mandates. Prior to Arctic Wolf, Janahan has held senior roles in both start-ups and enterprise organizations including Motorola, GE, and Telus, and has led global engineering teams with a career track record of designing and developing innovative systems and products for a number of industry firsts. Author of multiple patents and publications in the areas of cybersecurity and advanced analytics, Janahan works with partners in government, academia, and industry to lead and advise programs in security to meet national and industry security requirements. His areas of interest and focus include advanced analytics (AI/ML), Big Data, Data Lakes, cloud computing/infrastructure, network infrastructure, mobility, IoT, telecommunications, IT, SCADA, SmartGrid, automation, and cybersecurity applicability across those areas for diverse industries and sectors.
8:10 PM
(UTC)
AI vs AI arms race on critical infrastructure
45 mins
Solving transportation problems with vehicular networks focuses on the design of the solutions. However, some solutions inherit existing IT security vulnerabilities and others introduce new ones that are specific to the system under study. Connected and automated vehicles run on a critical infrastructure and are a key component in urban transportation cyber-physical systems. The challenges of assessing cybersecurity in this context is that in complex systems, systems domains are interdependent and interconnected, known and unknown threats may impair the integrity of the system as a whole. We are confronted to complex interrelationships and we must anticipate future conditions. While these interdependencies bring unprecedented improvements and functionality to the system, they tend to be fragile against failures, natural hazards, and attacks.
Due to the immense complexity of securing large scale CPS, and the diversity and heterogeneity of the sources and data formats involved in the cybersecurity monitoring processes, the use of Artificial Intelligence (AI), and in particular Machine Learning (ML) techniques, have been proposed and explored by researchers and cybersecurity companies for several years. In the transportation network, machine learning techniques embody the unpredictable nature of traffic and the myriad of factors that affect traffic flows, such as weather conditions, or other driver behavior, traffic problems and other events. The vision is that AI in cybersecurity can be useful, but not by blindly applying ML/DL approaches.
AI-based resilience in Cyber-Physical Systems needs to be explored. And while we will be exploring the resilience of cybersecurity solutions, we will be witnessing an AI-against-AI arms race. This potential use of AI by attackers to oppose AI-based defenders constitutes a problem. Thus, because of the continuously growing scale and complexity of information, computing systems and technologies, we have to do substantial preparation work in terms of analysis, experimental setup and development of AI-based attacks in order to get to the defences and be able to explore this arms race, attempt to model it and provide innovative solutions to protect emerging technology-aware critical infrastructures.
Ranwa Al Mallah
Assistant Professor, Royal Military College of Canada
Dr. Ranwa Al Mallah received her Ph.D. degree in computer and software engineering from Polytechnique Montreal in 2018. She then joined the Security laboratory of Polytechnique Montréal as a research assistant. Shortly after, she was a Postdoctoral fellow at Ryerson University. She is now an Assistant Professor in the Department of Electrical and Computer Engineering at the Royal Military College of Canada. Ms. Al Mallah has over eight years of industry experience in IT, cybersecurity and telecommunications project management. She works in the fields of artificial intelligence, network engineering and cybersecurity. Her research in close collaboration with the industry and her experience in research and development cover more specifically the following fields: federated learning and cybersecurity of artificial intelligence in the context of traditional computer networks and on cyber-physical systems operating on critical infrastructure.
8:55 PM
(UTC)
Mastering the Continuous Automotive Security with a Feedback Loop
30 mins
Complexity is the worst enemy of security and complex systems are hard to secure. The more we connect things to each other, the more vulnerabilities in one thing affect others. It is definitely the case when it comes to software-defined and connected vehicles. Connectivity is not only a means to attack, it also enables attacks at scale. The internet is a massive tool for making processes more efficient, including cyber-attacks. But scale economies don’t trickle down to also enable more effective protection. Security requires a high velocity, but a vehicle’s lifecycle is relatively long, definitely longer than your average mobile phone, processes are far more complex and associated costs are dramatically higher. Given these unique challenges, OEMs’ perspective on how to effectively protect their fleets is evolving into a full-stack approach of automotive cybersecurity protection. It’s a continuous feedback loop that includes massive data, piles of different technologies and approaches, and of course highly skilled teams. Effective detection will impact how teams collect data and process it, the Vehicle SOC (VSOC) team will identify new threats and feed knowledge into the collection and detection stages.
Guy Molho
VP Product , Upstream
Guy leads Upstream’s product management group. Guy brings more than 15 years of experience in product management and marketing in global technology companies. Gaining experience in leading products in the field of cyber intelligence, data analytics, and AI. Prior to joining Upstream, Guy led the management of AI-based products at EY. Additionally, he founded and led the product management team at NSO Group for 5 years, from a small startup into a multi-million dollars business. Guy volunteers as a mentor in Product League, a product management mentorship program. Guy served for 5 years in 8200, the elite intelligence unit of the IDF. Guy holds a BSc in Industrial Engineering from Tel Aviv University.
(UTC)
PROBoter - Automating PCB analysis tasks to support penetration tests of embedded systems
30 mins
Analyzing the security on the hardware level is an essential part of
embedded system penetration tests, e.g. in the automotive domain.
Typically, such analysis is a time consuming and error prone process. To
increase the efficiency, this talk introduces the PROBoter as a novel
open-source and self-calibrating architecture for automated PCB analysis
as part of hardware penetration tests.
Fabian Weber
Security Consultant, SCHUTZWERK GmbH
Fabian Weber is a Security Consultant at SCHUTZWERK GmbH, an international IT security consultancy with core competencies in independent assessments and holistic optimization of all aspects of information, IT, and cybersecurity. At SCHUTZWERK, he regularly conducts penetration tests of embedded systems, especially in the automotive domain. In the context of the BMBF-funded project SecForCARs, he develops new tools for automotive penetration testing. He holds a Master’s Degree in Computer Science and a Bachelor’s Degree in mechanical engineering.
Florian Schmid
Security Consultant, SCHUTZWERK GmbH
Florian Schmid is a Security Consultant at SCHUTZWERK GmbH, an international IT security consultancy. His focus is on the hardware assessment of embedded systems. He holds a Master’s Degree in IT Security and a Diploma in Physics.
9:25 PM
(UTC)
Emulation-driven Reversing For Firmware Vulnerability Research
30 mins
Reverse-engineering can be mind-numbing and eye-bleeding. Your life is about to get a bit easier.
This talk discusses a new style of reverse-engineering which has been used to combine both visual/function-graph analysis and creative use of partial-emulation to trace through behaviors and gain insight without “running” code and having to deal with many of the complexities of “getting that specific code to run”
Matthew Carpenter
Principal Technology Strategist, GRIMM
A little over 17 years ago, I discovered I was capable of far more than my fearful expectations would allow… and have spent the time since working to help others with similar breakthroughs.
I particularly love doing things others deem impossible, especially if I can write tools to make them easier
(UTC)
Secure EV Charging: Plug and Charge
30 mins
Secure EV Charging: Plug and Charge
- Future of EV charging: Plug and charge and various stakeholders involved in Plug and Charge ecosystem
- Vehicle to Grid (V2G) use cases and need for cybersecurity
- Public Key Infrastructure (PKI): Technology needed to enable secure authentication and authorization via Plug and Charge
- Regulations & standards for Vehicle to Grid (V2G) communication interface
Carla Trevino
Solution Architect of Connected Transport, Irdeto
Carla is the Solution Architect of Connected Transport at Irdeto. Before joining Irdeto, Carla worked in several positions at Daimler which left her a vast experience in the automotive industry. She has been working on an international setup with projects covering different markets with a focus on LATAM and the EU. She has been specifically working on topics related to connectivity, electromobility, and autonomous. Additionally, to her work experience, Carla has a MsC. where she specialized in autonomous driving. Today, Carla is responsible for bringing our customer requirements to our technical team, assuring a perfect fit between our developed products and our customers’ requirements.
10:00 PM
(UTC)
Closing
15 mins
