TU BRAUNSCHWEIG

Seminar Automotive Security

Overview

Semester: Sommer 2017
Course type: Block Seminar
Lecturer: Prof. Dr. Konrad Rieck
Assistants: Dr. Ansgar Kellner, Christian Wressnegger
Audience: Computer Science Master
Credits: 5 ECTS
Hours: 2
Capacity: max. 8 Students
Room: BRICS 107/108

Schedule

 Date  Step    
 04.04. 15:00 – 16:30  Primer on Automotive Security, assignment of topics    
 09.05. – 11.05  Appointment with assistant (must be arrange by 07.05)    
 06.06.  Submit paper    
 20.06.  Submit review of two fellow students    
 04.07.  Camera-ready version of your paper    
 11.07. 16:00 – 18:30  Presentations    

Description

As in many other areas of day-to-day life electronics and an increasing degree of automation find their way to private transportation and to cars in particular. Electronic keys, multimedia and navigation systems or even auto-pilots are things that—without doubt—make a lot of sense in terms of ease-of-use and comfort but also theft protection and safety. However, by connecting cars with each other, querying and incorporating external data, or allowing the driver to hook up arbitrary gadgets we open the door to a plethora of attack scenarios.

This seminar especially deals with the aspects of computer security in the context of automobiles. A large section will cover offensive technologies in order to assess the state of security of such systems and the requirements for an effective defense. In line with this we would like to also highlight attack detection mechanisms and ways to secure automotive systems.

Requirements

The seminar is organized like a real academic conference. You need to prepare a written paper (English language) about the selected topic with 8–10 pages in ACM double-column style.

After submitting your paper at our conference system, you write two reviews about your fellow students' submitted paper to give them feedback how to improve their paper. Then, you will have time to improve your own final paper.

Finally, you need to give a talk of 20–25 minutes on your topic. We will also provide drinks and pizza to enjoy the talks at our small AutoSec conference.

Contact

The seminar is organized by the Institute of System Security. For questions and further details, please contact

Seminar Topics

Picking Electronic Locks

Hot-wiring a car or lock-picking its doors are basic skills of every other Hollywood villain or superhero alike. These days we are however dealing with electronically secured immobilizers, that have only little in common with car keys from "back in the days". The industry promises theft protection on a significantly higher level such that Bruce Willis would fall into despair of. Unsuprisingly, these systems are not rock-solid either. As a matter of fact, in recent years there have been several incidents revealing severe flaws.

Attacking On-board Systems

Navigation and multimedia systems, auto pilots, or systems to monitor the "vital signs" of a car, such as the state of the engine or tires. In a modern vehicle there are plenty of on-board systems performing rather complex tasks. Often the system even allows the passengers to hook up their private gadgets to extend the capabilities of the car which in turn may have devastating security implications. With this topic your are rather free in "choosing your weapons" and you are asked to provide an overview about different attack scenarios.

Intrusion Detection in On-board Systems

This is sort of the counterpart to the previously described topic. Ideally control systems for brakes, engines and other safety-relevant parts of a car are separated from systems that process external data/media. Sealing off a system however is one side of the coin. The other is to detect when something went wrong. Unfortunately, current automotive systems often fall short with respect to this, but there is a vivid research community addressing this issue and applying lessons learned from "traditional" computer security.

Deriving Vehicle Telematics using Smartphones

Mobile phones allow to reliable track positions... How else would it be possible for you to move around in the country, still being reachable for others. Almost all smartphones additionally come with a multitude of sensors that allow to derive the telematics of a "moving target". With this topic we would like you to look into these options, particularly in the context of cars.

Profiling Drivers

There is a plethora of sensors ensuring the correct operation of a vehicle. These sensors in and around a modern car of course tell a lot about the person navigating the vehicle, but also fellow passengers. While this data is mainly intended to improve the "user experience" this can be a huge privacy issue that may even concern the safety of the person in the vehicle.

Exploiting Car-to-X Systems

Sharing sensor data between vehicles or cars with the infrastructure, other devices, the power grid in case of e-cars, etc. promises various benefits to the individual. Information such as velocity, location or distances to other road users can be used in various ways. However, in case a vehicle relies on external data and autonomously comes to a decision on its basis things may go terrible wrong... especially if somebody plays false.

Manipulating Traffic Control

As the discussion on Car-To-X System suggests, private transportation obvisouly involves more than single cars considered individually and far more than visible on first sight. The security of the supporting infrastructure hence is a big talking point when it comes to automotive security. However, its is not always about the freaky new technology popping up on yearly auto shows, but also about well-hung—but often still exploitable—systems as for instance traffic control. Think of traffic lights, overhead warning signs that essentially are electronic billboards, or traffic alert systems.


  aktualisiert am 11.07.2017
TU_Icon_E_Mail_1_17x17_RGB Zum Seitenanfang