Insights into Smart Vehicle Security

all right then uh let us get started um so today we are going to be talking about uh insights into smart vehicle security uh moving on to our introduction so this is me ranked uh i'm a security researcher having been working in the security space for over seven years now i have given talks at multiple security conferences and i also get involved in a bunch of scheme committees and review boards especially with ec council which i have been working with for a couple of years and yeah good to meet you all virtually uh srini hey hi this is srini here um i'm even a secret researcher vendetta and myself both are colleagues i have very good

friends and um i am like um much more passionate about automotive and industrial control systems i've been uh members into few of the organizations like cwe in the hardware segments and even a couple of standards uh more often i in a day-to-day job i look at offensive security and do a good um good amount of reverse engineering thanks right so as we mentioned so we have uh so our areas of expertise include uh typical web application mobile application as well as uh network pen tests uh along alongside we also work on um so it's called reviews of products developed using a bunch of i mean various programming languages uh including cc plus plus java and go

as well so we also do a lot of security research uh in the linux kernel space as well as custom kernel drivers that we get to work on and we both are pretty passionate about iot connected technology and smart vehicles and so on and so forth so uh this topic is pretty close to our hearts and uh yeah this is something that we have been doing out of our passion and would love to talk more about this and so the agenda for this talk is for us to understand what a smart vehicle is uh take a quick look at the various components that go into a smart vehicle solution and also understand the attack surface that

is open are unique to a smart vehicle solution and also look at the various attack vectors and the attack surface from an attacker's perspective so a quick disclaimer uh the content uh in these slides are purely our view and we do not represent our employer and we also may uh refer to a bunch of tools and hardware as well as software tools and utility utilities so we have them here as a reference uh for illustrative purposes and we do not endorse them and we are moving on to the smartware smart vehicle applications so this image gives us a quick look at what areas disconnected technology caters to especially smart vehicles have been growing pretty significantly

in the personal vehicle uh space so there is als also a lot of uh growth in fleet vehicles or uh robo taxis if you will and uh going forward we would also see smart vehicle applications and public transportations uh logistics uh big at large events such as olympics for instance as well as uh the feeder service and at airports so this just gives us a quick idea a quick look at where uh smart vehicle solutions is headed in the upcoming years these are a bunch of acronyms that uh i mean every enthusiast needs to be familiar familiar with and this is something that we would be referring uh going forward uh in our upcoming slides and

i mean you can refer back to these acronyms to better understand the context of the content that is present in the upcoming slides so this is what a typical smart vehicle looks like right so smart vehicle does not essentially be an electric uh vehicle it can be an ic engine vehicle as well with a certain certain components are present in it so it it can have it can be a radar lidars or a combination of both radars and lighters uh in association with a bunch of cameras uh that could be a 360 degree vision camera which is basically a bunch of cameras around the car that ties the feet together to provide a 360 view of

the vehicle and its surroundings and the evaluation of smart vehicles is such that um so this is something that uh has been laid out by uh sae and there typically are six levels of autonomous drivings and uh so we typically are uh i mean we would be uh at this point of time uh all the tesla's and all the adaf systems that we have on our personal vehicles uh catered towards i mean tend to be between uh l2 and most probably in in l2 a little bit uh pushing towards l3 and uh so today's uh today's slides would be more uh focused towards personal vehicles and not towards the other applications that we discussed in

the earlier slides moving forward this gives us a quick look at the smart vehicle architecture so um i mean these are the bare minimum components that go into building a smart vehicle solution so uh i mean at the lowest level we have sensors and actuators so these are the uh devices that are typically present in a smart vehicle so sensors uh can range between uh range from your cameras uh data lighters and ultrasonic sensors and actuators are basically your engine control units such as that control your braking steering and acceleration basically so this data is later this data is processed within the vehicle uh on certain on-board computers uh and so some data also goes back to the uh

backend cloud infrastructure for more complex computation i mean considering that the limited compute power on an onboard vehicle computer the complex calculations and computations tend to happen in the uh much beefier cloud infrastructure and that data transfer happens uh over telematic so um so when we move to communication uh there are uh two types of communications here right so one of your in-vehicle communication and the other one is uh telematics which include your cellular and satellite communication that transfers the data back and forth between the vehicle and the back-end back-end servers so we would be looking at we'd be diving deep into these components in the upcoming slide looking at the components it's very familiar that

most of the smart vehicles involve all of these right so a smart vehicle which has got sensors which has got communication interfaces which have inbuilt devices are together working and they generate lots of data so the requires also storage and they also store lots of security related data user related data sensor related data and sensors which help the automotive smart are like lidar cameras and a lot many sensors which are there within the automotive connected ecu's right so um when we look at communication interfaces as banker was just describing there are interfaces that are internally connected and there are also interfaces that are externally connected when i say it is internal there are low range are

connected over a bus right within a short range you can assume that as bluetooth wi-fi and within the bus internal bus you can look at can lane most and few others when when we exactly look at what are the external interfaces that any of the automotive vehicle would be connecting to there are entertainment units that allow the nfc's wi-fi and the telematics which exactly plays a very good role in carrying out the data and controlling the car over a cellular network and the gps and the satellites are the one that helps you to track right you also have short-range communications which which allows you to look at the disrupted technologies like to v2x v to v and all that

above all uh all these data are carried away uh over to the network to the cloud and uh it's it's also a weapon that is given to a user using a smartphone who is able to control and who is able to monitor and who is able to diagnose the car right that's over a smartphone this this is all about the components that are totally equipped into a single car which enables it to be smart next right please we just saw each of this component but this particular slide that we are currently looking at you can look at me who is there in the left bottom who is hand holding a mobile phone with an app operating a car

and there are multiple protocols that are already inside the car which are actively running exchanging lots of information right so the bluetooth for example is connected to my mobile phone and i i'll be able to monitor or give commands to the vehicle and continuously know what exactly is happening with my vehicle status apparently there are telematics modules that actually connect to the cellular network and communicate to the cloud infrastructure by pushing out data and giving the status or getting the remote updates via the cellular network parallelly there are also other means where it communicates to vehicle to vehicle or vehicle to pedestrian pedestrian or any infrastructure or the grade or v2x so there are n number of possible ways that

in today's world the smart car is doing so it's a live example where you can see lots of sensors lots of data apparently there is lots of opportunity to look at in security space right every every uh data flow that we are currently looking at here are spaces where there are insecurities applicable so there are lots of improvements lots of security angles that has to be posed and has to be validated for each one of these channels next slide please looking at a few current examples or current news you can recently look at the previous month saying that there are chips that are already vulnerable like 16 different vulnerabilities have been identified in a chip which are popularly used in

automotive industry right and there are hackers uh in place who actually connect who has actually connected to the infotainment unit and was able to uh steal some data right likewise in october there are similar like chip vulnerabilities that have been identified or the android one automotive operating system where there are a few critical vulnerabilities that have been identified and there is also an source called leakage that was also identified by a major german oem guy likewise there are n number of examples and which is to the to the latest we can also say that there are ev home charger stations which are counted over a wi-fi have been also prone to uh be vulnerable right

so likewise we see lots and lots of vulnerabilities coming up every day every day and it is a new chance for us to understand different segments of the communication different segments of the information that we go we can go ahead and validate and see lots of issues so the coming slides will give you what we exactly have observed in the latest automotive models let us go ahead next strike please coming back to basics this is very common for any domain that we are looking at cia are the pillars that you definitely have to consider for each and every uh security aspects that you are going to design for your product right so confidentiality it's definitely

you have to keep your information secret integrity it's it's very well known by multiple ways that you have to maintain integrity ensure none of the data none of the firmware none of the commands are modified by unauthorized adversaries staying and available is also a critical component likewise it keeps security in space right so ensure it is available for your customers it's available for the normal users unlike a user who wants to get into a car unable to get into get into a car would be a miserable situation so it's equally important to understand what different ways that you can think of to validate cia across the product and classify all the attack scenarios and go

ahead and validate those attack scenarios next slide please in general when we look at attack vectors what different ways an attack can happen right when we look at a smart automotive vehicle these these technologies allow you to connect physically these technologies allow you to connect as a local network and the technologies which are part of the automotive also allow you to connect over a remote right there is lot of information exchange happening within the vehicle uh or in a short range communications or remote communications so we can clearly assume that all these three are the attack vectors that anyone can leverage and do nasty things let us go a little bit deep down to understand what different techniques

can an attacker used by things like this like someone who is trying to someone who is trying to get access as a local sorry as a physical he he can immediately get into your debug interfaces any hardware that that openly gives access to debug interfaces boom the physical guy who will be able to connect to the car will be able to control the car by tampering lots of functionalities will be able to override the firmware will be able to write unwanted data right the usb connectors which allow us to connect lots of um data transfer will also is also an entry point for any of the person any of the attacker to push data right

and um there are numerous serial interfaces on the hardwares that are that are lying around the automotive uh embedded boards and those can also be a pathway to read the rom memory or write some data onto the bus right diagnostics yes every every vehicle that goes to a workshop undergoes a diagnostic check and those diagnostic interfaces will allow you to understand um the requirements of the vehicle and further any of the attacker who understands the vehicle thoroughly the ids that are observed via diagnostics will be able to push lots of data and can cause miserable damage right legacy hardware yeah there are legacy hardwares which are not supporting secure boot not supporting secure memory not supporting any of the encryption

technologies that are currently used so such such things are very easy for anyone to understand and tap into for lots of secretive information supply chain in today's world we see a lot of supply chain vulnerabilities coming up and this is also an important factor that anyone can dig in and get lots of sensitive data or damage the reputation likewise we can go ahead for platform where platform is the platform is actually the operating system the firmware the remote update that the the vehicle actually requests and gets updated or the boot cycle or any process which is running the number of accounts that the operating system has memory layout the middleware which actually talks to the actual

user space and the kernel space and virtualization technologies that are part of the platform most of this uh in today's world are insecure as you saw in the recent news list people have targeted this um platform and started impacting the product communication uh this is and wonderful interface that anyone would like to tap in understanding various technologies like bluetooth wi-fi radio frequencies zigbee cellular networks and most of the protocols like can lin and few others people will be able to simply tap into the network and query enumerate and exploit lots of services going back to the software software our softwares are the one that enables lots of application innovation and lots of technologies to be embedded onto the

board so likewise any software that is built is built with third-party libraries the protocol functionalities and by default on-board applications are the apis that are being used which is supposed to connect to the vehicle and the remote cloud interface and the configurations that are part of the software and cryptographic services and the functions so there are various vulnerabilities that are lying around in each one of them will be very much interested for anyone to attack and take control or cause any of the vulnerabilities to the automotive space next next slide please right so yeah so that really painted a good picture of uh what we have to be looking at from an attacker's point of view

smart vehicle solution so the reason why uh we need to when we need this talk is to uh look at the various components and various attack surface and certain attack vectors that have been introduced uh i mean after uh i mean when we get into the smart vehicle uh kind of a scenario so uh the primary the other uh reason is so we at this point of time we do not have uh a lot of standard security standards uh that are at a mature level right which can be adapted by uh the automotive manufacturers as well as the path suppliers so due to the lack of such maturity and since the technology itself is still at

the infancy state i mean we need to be extra cautious and in terms of locking down when at least the attack surface that we are looking at in this particular slide

so as we were discussing about the device hardware um device hardware is most prominent area where anyone having physical access to the vehicle should be able to get into the machine now looking at various common entry points as a attacker anyone would look at few interfaces that might give access to the complete system now when we say what is complete system interfaces like jtag serial interfaces like uart or canon interfaces which is canon obd and usb interfaces which which can internally convert for any of the ethernet or any tdy shell that actually gives you access to the board and these interfaces uh would lead you to get a console access will help you to disrupt or access the

local memory and configurations that are part of the board so many vulnerable services and missing security patches would help you to get into the system and you can do lots of unwanted firmware update and you can disable the security features and tamper the sensor values and whatnot push your own firmware right so many things that you can like exactly achieve so there are there is one such example that you can look at where the obd2 interface which is part of the vehicle which you can fetch at the bottom of your feed you can strictly connect to the obd vehicle and get access to the machine the car right so uh what exactly happens if someone uh

gets connected to the root shell right so uart and few other usb interfaces if there is anyone who has connected to those interfaces it gives you access to the boot uh boot shell and that's because it's it's insecure and if though even though it's secure there are few glitch attacks that that will allow you to uh get access to the shell and get um you can fetch for lots of secrets like the keys or the passwords in the configuration files by fetching into the nvram or ep rom from the same uart interface and yes you can go ahead and do many activities there right and telematics is also one such area that anyone can begin

and simply get access to lots of api calls or the sms services or the internet connectivity related information yeah next like please this this has been savior for most of us there are logic analyzers like here we can simply attach the probes to the chip and start analyzing the data so what exactly we have done is we attach this logic analysis to the can interfaces and on to the next slide you can clearly unders look at the can pulses like what data have been exchanged between issues between the head unit and ecu's and these pulses will give you lots of information the patterns that you can literally observe and those those can be replayed it can be

tampered and you can literally understand what are the outcomes of such malicious can can information or can ids and can data that you can spoof and send back to the vehicle next slide please um more often we we are very much acquainted to use beaglebone with a can controller and there are a couple of uh linux tools like can bus and a few few other tools which will allow you to sniff can sniff and few other tools which will allow you to sniff the exact can data within the in vehicle network and you can literally look at the output where 305 1a4 1aa are the identifiers of each of the ecu ids and corresponding 8-bit data that is

there here like 8035 or 002f or 7fff these are the hex representation of the data that's that's been spoken amongst the ecu's and these data carry the actual values of the sensors or the attached um like for example if you wanted to tamper the tachometer uh you can literally hit the i identify the right id like 166 for example and give the value in the data and the data will be pushed over the can interface and you can see that the tachometer actually shows the exact value whichever you wanted to show so you can literally observe though you are stable you can literally see this there is a change in the tachometer value next time please

so this is one such output that you can look at for anyone who is converted connecting to the uart interfaces will be able to see a console like this and lots of options which will enable you to monitor push data and all that

looking at the firmware firmware is a critical component because firmware has got all the ips part of the automotive system and firmware is one such area anyone who would like to understand the whole behavior of the functionality should be able to analyze the firmware so how do we get this firmware and how do we start and looking at the internal implementation of the software that is written on this firmware so we can use many extraction methodologies like bus pirate shikra connect to the chips that are part of the automotive head units or entertainment units and pull down the firmware extract the firmware from the chip and the bin file that you would have been extracting can be reverse engineered

using bin walk or lot many tools like many open source tools that converts the binary file to a readable format with exact file system as in linux and that gives you a lots of information where you can go ahead and dig deep down to sensitive information like passwords keys the ssl keys or the apis that that are helpful for anyone to go ahead and connect to the cloud or any of the sensitive information like sms and or not so what exactly you can look in firmware right you can look at the encryption technologies that is customly made for this particular device right and you can also look at lots of hardcore credentials right so in today's world due to lack of the

hardware capability developers put a lot of hardcore credentials they don't have remote connectivity for randomly changing or validating the interface credentials so it is preferred to put a hardcore credentials and that are something that will be very much interested for us right and there are numerous of backdoor that you can observe in the firmware which will help you to remotely connect or debug the same firmware that that will allow you to extract lots and lots of data sensitive information url endpoints or you can you can rebuild the firmware and see if you can downgrade the firmware version and extract any of the security functionalities and push the firmware back to the device and you can start playing with

likewise there is lots of techniques that we can use and play with the firmware next slide please right so uh building on to what srini just explained uh from firmware right so um firmware update and software updates play a key role in uh adding new features and also applying security patches in a smart vehicle so in a smart vehicle this plays a critical role just because uh the lifetime of the vehicle and the is directly dependent on the uh security patches that we receive right so if the vehicle is no longer supported by the uh manufacturer or if a certain component that is uh placed within the automotive right is uh not supported anymore uh that leaves the uh

vehicle uh highly susceptible to security attacks so since a software update is a major uh attack surface uh in its own in in a smart vehicle solution so this this provides an attacker a substantial uh surface to uh attempt to perform malicious activities so how how can an attacker uh compromise the system this way is by first of all looking so this can be achieved in multiple ways uh one is to try to capture uh the firmware that is being sent uh firmware or software that is being sent over the air to the vehicle so uh if an attacker is able to capture that and if the firmware is uh transmitted in an unencrypted fashion

then so again we can go back to what screen discussed earlier in terms of uh dissecting the firmware uh extracting uh the contents of the firmware and looking for uh vulnerabilities and sensitive information embedded within the firmware the uh other way to get hold of a firmware is uh there are uh still certain uh certain uh software manufacturers that push updates to uh components in a way that requires the firmware to be downloaded onto onto a laptop or onto a mobile phone depending on the component that is in uh i mean that we are referring to and later the uh firmware is uh flashed onto the uh actual embedded device so this could also be a

firmware being downloaded onto the onboard uh storage um for instance an ivi and which is later then installed onto the embedded device so these are certain areas that can provide the attacker with the firmware and in addition to it there are other logical logic issues that could creep up right most of which so some of which uh be being uh rollback prevention so uh so there are i mean there are there have been cases right where uh an attacker is able to use a firmware which is rightly signed and actually originated from the oem but which is known to have a certain vulnerability even though the company has went ahead and released an update with mitigations properly in place an

attacker could be able to go ahead and roll back the firmware or the software to a vulnerable version which would uh leave the vehicle um vulnerable to attacks and i mean if if the if such a rollback can be performed uh on a fleet of vehicles then that would substantially increase the risk of the passengers or the consumers are using the vehicles so a quick example of this is uh the jeep attack right so this is where uh uh this is where smart will smart vehicle security uh received uh the traction that it required and um so one of the attacks that the initial security researchers uh uh leveraged in the jeep hack was to update

the firmware uh via the head unit uh leveraging the usb port so back then the firmware was not signed properly by the manufacturer or the software provider so the researchers were able to modify the firmware and flash it back to the embedded system so by and large this vulnerability has been mitigated and this has been introduced as a best practice and a lot of manufacturers and a lot of developers follow this so follow this recommendation however there are still certain oems and certain suppliers who do not adhere to this recommendation or to this best practice or this could be negligence or or a gap from the uh developer uh site right so as you rightly said as rightly said

banker like we we were looking at um lots of integrity things right now it was not like earlier now there are certificates that are used to ensure the integrated checks are in place and the binaries are properly signed but to our observation i could uh literally say say that uh vulnerabilities like toc tou are prominent um and those can be easily identified while there isn't software update mecha mechanism which is happening um within the vehicle right yesterday so yeah this is something that the architects need to uh pay a i mean special attention uh towards the update mechanism and not limited uh so uh not just uh the i mean if the firmware is uh signed that

doesn't uh mean that there is nothing that can go wrong there are other a bunch of other issues that could creep up uh like what we discussed earlier uh so we need to take uh extra care in this area and moving on to device memory and local storage uh so uh considering the limited uh storage that is available uh on board in a vehicle uh they may be uh multiple components depending on a single storage uh right and [Music] so the onboard storage uh could store a lot of sensitive information including pii vehicle information uh and also data i mean sensor data could also be stored online for a certain period of time so the this is something that has to be

taken care of uh in terms of uh so the data at rest should be properly adequately uh encrypted and should also be cleared in a timely fashion so that when any malicious actor is not able to connect to this vehicle and steal such sensitive information so an example of such an attack as cars blues so this is an attack that uh this is a vulnerability that was uh discovered by privacy for cars back in 2018 and what happens in this particular scenario is that uh so when when we connect our mobile phones uh to the vehicle over bluetooth so uh the data gets synced right and uh apparently the onboard storage holds this data such as our contacts

call logs uh and messages as well uh in clear text and so in a scenario where the car is a borrowed or a rented vehicle once the user returns the vehicle right so an attacker could connect back to the ivi and extract the personal identifiable information such as their contacts and so on and so forth uh but with uh i mean this does not this attack does not require uh unique skills or complex hardware and software this could be easily uh extracted from the onboard storage with traditional methods so moving on to operating system and kernel uh so this is also a an attack surface considering a smart vehicle solution uh although this is uh traditional uh

i mean traditionally uh security researchers do spend a lot of time when they looking for vulnerabilities in kernel as well as the operating systems uh a special uh call out is required in such a scenario uh because uh i mean considering the uh limited memory that is available on an embedded device right that goes into a smart vehicle uh oftentimes the operating system or that runs on such a device is not does not have uh security mitigation techniques uh that are available in uh uh more mature operating systems uh such as your aslr and uh dep for instance and extra care needs to be taken to address uh overflow and overrun conditions uh on on services running on

embedded devices so um so yeah because the this technology is still uh growing and not at a mature state uh we need to take additional care in terms of addressing uh uh such issues as well and constantly perform uh this is called fuzzing on the kernels that are being used and uh take extra care to uh have the appropriate security patches uh updated as well

actually yeah as we we have been discussing on the communications there are shortage communication long-range communications um familiar things are like bluetooth zigbee and we have been noticing lots of vulnerabilities and bluetooth space wi-fi and uh upcoming there might lots of vulnerabilities coming in the the short range communications and if you look at telematics telematics enable any of the automotive space to connect it to the external world and which is built using a cellular interface which communicates with gps and also satellite so there are these are very common that you can look at but overall you can see uh diagnostics uh lots of wi-fi lots of information that's been flowing through all these interfaces based on

their requirements based on the hardware capability that you can literally connect to the ecu's next next slide please when we look at uh hardware communications uh sorry network communications every communication network are different and so there are different hardwares associated to it for radio frequency communications like um rf which is ranging to like which are ranging like 915 or many other 443 and all that megahertz we use tools like hikarf which is a very easy tool that can allow you to tap into the radio network and understand the pattern of the data that is flowing from one rf device to another rf device and understand and replay back by modifying the content like there are examples where we have

been noticing um like the keyless keyless key fobs where without the key fob the attacker will be able to send the command and the vehicle reacts to it opens the door right so such scenarios are easily tappable and replayed using hack rf and ubertooth is a device which will help you to listen to bluetooth communications ranging from 2.0 to 4.0 4.2 and you should be able to understand the security mechanisms understand what data is being flowing how is the authentication implemented what sensitive data is flowing and you should be able to modify and replay it back as well uh likewise the wi-fi device um which is within the network local network where you can connect to alpha wireless

card or wi-fi pineapple to spoof and fool the wi-fi device that is part of the vehicle which acts as a client or a master there are parallel softwares that you can use which can tap in to the uh which can add up to the hardware and look into very interesting traffic like wireshark can dump which can look into the can traffic and ethercap are very good ethercap is a very good tool that you can do a mitm for bluetooth and wi-fi both as well gnu radio is again used by hack rf these tools uh actually help you to reveal unencrypted traffic sensitive information like keys the encryption methodologies how what is the length of the key what

is the next sequence of the key if the key is constantly rotating performing a jamming and understand the data flow you can also try and see if you can really go ahead and hit the functionalities of the protocol implementation that is part of the chip by performing protocol fuzzing and there are many replay attacks um you you would have seen on the third slide the lots of news there are possibilities of replay attacks of the traffic and people steal the car funny right so uh just a replay attack which which the attacker uses small devices to tap into the traffic pattern and when the owner is not nearby they just replay and gain lots of um

value by stealing a car likewise yeah yeah yeah right in in addition to it there have also been multiple scenarios where uh the onboard hotspot wi-fi connections that an automotive vehicle provides right so they they tend to have default uh wi-fi passwords uh typically ranging i mean typically being one two three four five six or there there may be a logic uh business logic that sets the password to uh i mean in relation to a certain time stamp uh so these are some weaknesses that can also be exploited uh by a skilled uh attacker to uh connect to the vehicle and once uh the attacker is connected to the vehicle there is a lot of disruption that can be uh

performed so that uh also something that we need to take care in this attack surface right good thing you can literally look at is uh assume you would have got a vulnerability in one of the model right this can be replicated to n number of units so if if a attacker is successfully stealing a car one particular model he can steal the same model of different different cars so the the updation of hardware is difficult it requires a call off of the vehicle that's very costly and people don't do so and the remote updates uh are again very cost and it is not proven so easy so there are many challenges and those challenges for

developers are the success successful methods for the hackers right next slide so this this image is part of the gsm traffic that anyone can look at we have used usrp and hacker1 to understand what is a communication that is happening from the telematics to the cloud and what different information is passing by over a faraday cage and this is just a sample that we have just put up here next type please yeah and the packet inspection is uh highly required in terms of uh preparing for a replay attack or another thing certain uh unencrypted traffic right so that is something that we need to look at as well so yeah moving on to uh the application side of things so this

is something that uh i mean researchers have been working a lot on web applications and mobile applications so uh they still uh post uh i mean they still are an attack surface uh even in a connected technology or in a smart vehicle solution kind of a scenario uh because there are still a bunch of uh services that are opened up or that can be accessed via a web application or a mobile application equally and still be able to remotely control uh vehicle so the typical tools that we require uh for to find vulnerabilities in this area are a bunch of proxies uh proxy software like burp suite uh vulnerability scanners uh wrist uh rest our postman client

to interact with the rest apis and uh depending on the uh application that we have we may also require a rooted android device or a jailbroken ios device to better control the uh on onboard storage of the device and also tamper with the traffic which is going back and forth and the typical things to look for as uh for different default credentials uh also look for an unencrypted communication uh look for ways to bypass business logics so this can be uh i mean so once we reverse engineer a mobile application there may be uh certain uh snippets of the business logic uh which can be reverse engineered to bypass certain server side logic as well

so we would be looking at a quick example of one such thing so this is uh my this is a my car mobile application uh which uh i mean by reverse engineering the android application uh you could easily find the uh admin credentials right uh which is present in clear text in the uh in in the client side mobile app so this is something that is pretty common uh with with the mobile applications that still is able to control a major portion of the vehicle and moving on to cloud infrastructure so cloud as we discussed earlier does a lot of uh heavy lifting uh so the major uh computation and all the complex uh computation happens in the back-end

server uh in addition to it this is where uh continuous learning and the model enhancement happens so keeping such infrastructure safe is pivotal and with with increasing uh players in the automotive space and with increasing suppliers uh i mean we need to be uh extra careful in terms of uh waiting the uh back-end the service uh back-end servers uh to ensure they have been adequately uh they have been they are adequately secured from a physical security standpoint as well as uh a cyber security standpoint um and also have all the typical uh cloud security audits uh happening in a timely manner so moving on to a code review so uh like so historically it has been proven

right the code review is the best way to uh or the best approach to identify uh security vulnerabilities uh and uh this still stays uh true for uh a security uh for a smart vehicle solution as well and uh so the primary primary things that have to be looked at are we need to ensure that there are no hard-coded credentials uh in the code that is being released uh as well as look for hard-coded cryptographic secrets and also look for um any unofficiated code a logic that could uh reveal uh cryptographic uh algorithms that are being used and so on and so forth and uh yeah these are something that needs to be addressed before releasing a

software

yeah i'll go pretty go pretty much quick uh looking at the current standards standards are evolving dividing and we can literally see that the automotive standards like iso 26262 and the 402 or octave or tara or ts tc204 or few other standards mainly they are lying around the engineering process of the stlc and respace security and safety standards that are part of it so they take care of the process ensuring that each and every component or each and every phase of the development stage security is in place and it is actively used so these standards prominently play a role of ensuring that security is part of their life cycle for the complete product engagements so

um understanding that functionality safety is very very important these standards will allow you to ensure there is to the max functional safety is being considered um yeah right so yeah uh we would like to conclude this talk uh i mean emphasizing that security is not a step uh but it is a process and uh i mean this uh this is even more uh critical in a smart vehicle uh because this uh directly i mean a lack of security patch patches would directly impact the consumer uh driving the vehicle so the lifetime of the vehicle is directly dependent on the long term uh support of the components that go into a smart vehicle solution and since we already uh discussed that

security standards are still uh not at a mature state for smart vehicles uh until a point when uh where uh we have uh i mean pretty well-defined security standards uh we we need to uh keep pushing updates we need to keep looking for uh vulnerabilities and fixing them proactively as well as reactively fix the uh issues that have been reported by uh security researchers uh who who disclose them uh ethically right so this is something that we need to take extra care so this is a fun thing after listening to the whole security aspects of automotive you can see that a person who has lots of sensors put on on his body rather than clothes

there is a lot of data being exchanged likewise the automotive is also the same has got numerous sensors numerous data points and lots of data that's been floating around in within the vehicle and outside so it's equally important uh to see how it transforms uh now that we are hearing v two y v two x b two b lots of data is there in and around so yeah good thing to discuss such fun topics thank you sure yeah thank you all uh if you have any follow-up questions or something you can uh feel free to reach us on linkedin so that we can discuss it further over there thank you thanks thanks a lot besides for giving us this

opportunity have a great evening yeah thank you