![]() |
![]() |
University of Birmingham > Talks@bham > Computer Security Seminars > VulCAN: Authentic Execution for Automotive Control Networks
VulCAN: Authentic Execution for Automotive Control NetworksAdd to your list(s) Download to your calendar using vCal
If you have a question about this talk, please contact Dr Garfield Benjamin. NB alternative day and room Vehicular communication networks, specifically CAN , have been subject to a growing number of attacks that put the safety of passengers at risk. This results in millions of vehicles being recalled and lawsuits against car manufacturers. Recent standardisation efforts, i.e. AUTOSAR , suggest message authentication to protect CAN from network-level attackers. Yet, (1) current cars do not implement authentication and (2) established attack schemes suggest that stronger attackers with code execution abilities on critical control units must be considered. In this talk I will present VulCAN, a generic solution to provide efficient and standard compliant message authentication and software component attestation in automotive control networks. VulCAN builds upon the idea of “authentic execution”, which utilises trusted computing primitives to provide a notion of end-to-end security for distributed applications on shared heterogeneous infrastructures. Authentic execution guarantees authenticity and integrity, and the secure control of I/O devices by mutually authenticated distributed application modules. In the context of vehicular control networks, this combination results in strong security guarantees that go beyond the standardised requirements. In particular, we protect against network attackers but also against substantially stronger adversaries capable of arbitrary code execution on electronic control units. I will also outline the limitations and open research questions for the approach. References ————————————
Speaker’s Bio ———————————— Jan Tobias Muehlberg works as a research manager at imec-DistriNet, KU Leuven (BE). He is active in the fields of software security, formal verification and validation of software systems, specifically for embedded systems and low-level operating system components. Tobias is particularly interested in security architectures for safety-critical embedded systems and for the Internet of Things. Before joining KU Leuven, Tobias worked as a researcher at the University of Bamberg (DE), obtained a Ph.D. from the University of York (UK) and worked as a researcher at the University of Applied Sciences in Brandenburg (DE), where he also acquired his Masters degree. This talk is part of the Computer Security Seminars series. This talk is included in these lists:
Note that ex-directory lists are not shown. |
Other listsCondensed Matter Physics Seminars Test Analysis Reading SeminarOther talksAn introduction to τ-exceptional sequences TBA TBA Waveform modelling and the importance of multipole asymmetry in Gravitational Wave astronomy Quantum Sensing in Space TBA |