Under the hood - the automotive challenge

Friday 5 October 14:00 - 14:30, Red room

Inbar Raz (Argus Cyber Security)



In an average five-year-old car, there are about 30 different computers on board. In an average new car, there are double that number, and in some cases up to 100. That's a network the size of what a SMB would have, only there's no CIO/CISO, and not even a part-time IT guy. We have no idea what's going on under the hood. To add to the complexity, there are between two and five different bus types in an average modern car. With different protocols and even different wiring, a modern car's network diagram is a CISO's nightmare.

There are many challenges in the automotive domain. From strict development regulations, through very long development cycles, to very little security by design in vehicles currently on the road - working in this domain is challenging, to say the least. But unlike almost anywhere else, this time the defence might actually have a fighting chance.

In this talk, we will share our experience in the automotive domain. We will explain the complexity of the playing field, share examples of the problems we've encountered, and talk about the challenges involved.

 

Inbar-Raz-web.jpg

Inbar Raz

Inbar has been teaching and lecturing about Internet security and reverse engineering for nearly as long as he has been doing that himself. He started programming at the age of 9 on his Dragon 64. At 13 he got a PC, and promptly started reverse engineering at the age of 14. Through high school he was a key figure in the Israeli BBS scene. He spent most of his career in the Internet and data security field, and the only reason he's not in jail right now is because he chose the right side of the law at an early age.

Inbar specializes in outside-the-box approaches to analysing security and finding vulnerabilities, using his extensive experience of over 25 years. He spent three years at Check Point, running the Malware and Security Research team, and two years at PerimeterX, performing fascinating research on bots and web automation attacks. Nowadays he is a security architect at Argus Cyber Security, protecting the automotive domain from hackers.

@inbarraz



Other VB2018 papers

The Hitchhiker’s Guide to the North Korean malware galaxy

Jay Rosenberg (Intezer Labs)
Itai Tevet (Intezer Labs)

Shedding skin - Turla's fresh faces

Kurt Baumgartner (Kaspersky Lab)
Mike Scott (Kaspersky Lab)

Lazarus Group: one mahjong game played with different sets of tiles

Peter Kalnai (ESET)
Michal Poslusny (ESET)

Back to VB2018 Programme page

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.