When: April 22, 2021 | noon Eastern Daylight Time (North America)(UTC−04)
Who: Sekar Kulandaivel PhD Candidate at Carnegie Mellon University
Preventing Attack Kill-Chains with a better Security TestbedThe last few years of my PhD have been pretty exciting. We found some surprising and unexpected vulnerabilities when it comes to onboard vehicle security. Unfortunately, when you string these vulnerabilities together, we can build a new attack kill-chain! This kill-chain lets an attacker use a compromised in-vehicle ECU to target and control another ECU on the CAN bus. In hindsight, these vulnerabilities that enable this kill-chain should have been caught at design time. In this talk, I will present concrete examples of how we identify new vulnerabilities, and I will suggest methods to build a better security testbed. The goal here is to not only capture basic security vulnerabilities, but also capture unforeseen vulnerabilities as a vehicle's complex design changes over time. With this new approach, we can likely worry less about adding new fancy features while not inherently adding new vulnerabilities for tomorrow's attackers.
About the Presenter:
Visit Speaker Profile