Tales from a penetration testing team

We’re all familiar with the term "Zero-Day Vulnerabilities", but have you ever wondered what kind of zero-day vulnerabilities are found in real-time embedded automotive systems today? We believe that by sharing insights from vulnerabilities that we’ve discovered in bona fide production components, our colleagues across the industry can get a better understanding of the types of vulnerabilities in vehicle code or configuration, and build effective strategies for mitigating the risk. Our penetration testing team receives and reverse-engineers many ECUs from our clients, such as TCUs, BCMs, instrument clusters, radars, airbags and other safety-critical systems. Zero-day vulnerabilities exist in all of them. Some are very easy to exploit and some are harder; some involve very complex software bugs that developers can easily miss, while others should have been caught during a standard security review. In this talk, we will present four distinct vulnerabilities we found and disclosed. These vulnerabilities will give you a representative view of the complexity and variety of security issues encountered in recent years. We will describe in detail the bugs and misconfigurations that caused each vulnerability, the target ECU and the security impact arising from each vulnerability. Some of the details were redacted to ensure confidentiality of the involved parties. We will conclude with lessons learned and how best to mitigate such issues.

Metadata
Author:Amit Geynis
Parent Title (English):20th escar Europe - The World's Leading Automotive Cyber Security Conference (15. - 16.11.2022)
Subtitle (English):Insights from zero-day automotive vulnerabilities discovered in recent years
Document Type:Part of a Book
Language:English
Date of Publication (online):2022/10/21
Date of first Publication:2022/10/21
Publishing Institution:Ruhr-Universität Bochum, Universitätsbibliothek
Tag:Fuzzing; Penetration Testing; Remote Code Execution; Reverse-Engineering; Zero-Day Vulnerabilities
First Page:50
Last Page:54
Dewey Decimal Classification:Generalities, computer science, information science / Computer science
Conference proceedings / Collected volumes:20th escar Europe - The World's Leading Automotive Cyber Security Conference