Experimental Security Analysis of a Modern Automobile
- Presented by Gaurav Mastakar

Authors
Karl Koscher, Alexei Czeskis, Franziska Roesner, Shwetak Patel, and Tadayoshi Kohno
Department of Computer Science and Engineering, University of Washington
Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, and Stefan Savage
Department of Computer Science and Engineering, University of California San Diego

Abstract
• Automobiles are monitored and controlled
• Introduction of new potential risks
• Demonstration of fragility of system structure
• Electronic Control Unit (ECU)
• Range of experiments performed
• Possible to bypass network security
• Composite attacks

Introduction
• Automobiles contain a myriad of computers
• Luxury sedan contains 100 MB of binary code spread across 50-70 computers
• Safety the main concern
• Onboard Diagnostics port
• User-upgradable subsystems

Introduction (cont'd)
• GM's OnStar telematics system features integration of internal automotive subsystems with a remote command center via a wide-area cellular connection
• Hughes Telematics App Store
• Ford's Sync telematics system

Introduction (cont'd)
• Experiments on two passenger cars
• Test car components to assess resilience
• Demonstrate ability to control components
• Combining these to mount attacks
• Evaluation of security properties of each component and analysis of the network substrate

Background
• 250 million automobiles in the US
• Automotive embedded systems: self-contained embedded systems called ECUs in the 1970s
• Integrated into the car's functioning and diagnostics

Background (cont'd)
• ECU coupling: complex interactions across ECUs
• Electronic Stability Control (ESC): monitors wheel speed, steering angle, throttle position and accelerometers; modulates engine torque and wheel speed to increase traction
• Antilock Braking System (ABS)
• Roll Stability Control (RSC): apply brakes, reduce throttle, modulate steering angle
• Active Cruise Control (ACC): scan road ahead and increase or decrease throttle, e.g. Audi Q7
• Also provide pre-crash features

Background (cont'd)
• Luxury sedans even offer automated parallel parking features, e.g. Lexus LS460
• Electric driven vehicles require precise software control over power management and regenerative braking to achieve high efficiency, by a slew of emerging safety features
• E.g. GM's OnStar will offer integration with Twitter

Background (cont'd)
• Car contains multiple buses (high-speed and low-speed)
• Buses are bridged to support subtle interaction requirements
• E.g. Central Locking System (CLS) controls the power door locking mechanism
• CLS must also be connected to safety-critical systems

Background (cont'd)
• Telematics: automation in automobiles
• GM's OnStar: analyze OBD, detect vehicle problems
• ECUs monitor crash sensors; OnStar personnel to perform functions; to do so, bridge all important buses and connect to the Internet via Verizon's digital cellular service

Related Work
• Framing the vehicle security and privacy problem space
• Security problems of vehicle-to-vehicle systems
• Tuner subculture

Threat Model
• What could an attacker do?
• How could an attacker gain access?
1. Physical access: insert malicious component into the car's internal network via the OBD-II port
2. Via wireless interfaces: five kinds of digital radio interfaces accepting outside input; remotely compromise key ECUs in our car via externally-facing vulnerabilities, amplify the impact using the results in this paper, and ultimately monitor and control our car remotely over the Internet.

Experimental Environment
• Two 2009 automobiles with electronically controlled components and telematics system
• Two vehicles to allow differential testing and to validate that the results were not tied to one car
• Also purchased individual replacement ECUs via third-party dealers to allow additional testing.

Experimental Environment (cont'd)
Experiments with these cars, and their internal components, in three principal settings:
1. Bench
2. Stationary car
3. On the road

Experimental Environment (cont'd)
Bench:
• Extract hardware
• Variant of CAN protocol

Experimental Environment (cont'd)
Stationary car:
• Used CAN-to-USB interface
• Atmel AT90CAN128 development board with custom firmware

Experimental Environment (cont'd)
On the road:

Intra-Vehicle Network Security
• Assess the security properties of the CAN bus
A. CAN Bus: link-layer data protocol used for diagnostics; used by BMW, Ford, GM, Honda

Intra-Vehicle Network Security (cont'd)
CAN variant includes:
• Slight extensions to framing
• Two separate physical layers
• Gateway bridge is used to route data
• Protocol standards define a range of services to be implemented by ECUs

Intra-Vehicle Network Security (cont'd)
B. CAN Security Challenges:
• Broadcast nature: malicious component can snoop packets
• Fragility to DoS: CAN has a priority-based arbitration scheme with states dominant or recessive
• No authenticator fields: any component can send a CAN packet to any other component

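
The arbitration point above, as an added example that is not part of the original slides or paper: a small model of CAN's wired-AND arbitration, plus a monitoring check that flags a window in which one identifier dominates the bus and expected periodic identifiers go silent. All identifiers, periods and the 0.8 share threshold are constructed for illustration.

```python
from collections import Counter

ID_BITS = 11  # width of a standard CAN identifier


def arbitrate(contenders):
    """Return the identifier that wins when several nodes start sending at once.

    The bus behaves as a wired-AND: a dominant bit (0) overrides a recessive
    bit (1). A node that sends recessive but reads dominant stops sending.
    """
    active = set(contenders)
    for bit in range(ID_BITS - 1, -1, -1):  # identifiers go out MSB first
        bus_level = min((i >> bit) & 1 for i in active)
        active = {i for i in active if (i >> bit) & 1 == bus_level}
    assert len(active) == 1  # distinct identifiers leave exactly one winner
    return active.pop()


def simulate(nodes, slots):
    """nodes maps identifier -> send period in frame slots (1 = always pending).

    Returns the identifier that occupied the bus in each slot; losers of an
    arbitration round stay pending and retry in the next slot.
    """
    pending, log = set(), []
    for t in range(slots):
        pending |= {cid for cid, period in nodes.items() if t % period == 0}
        if pending:
            winner = arbitrate(pending)
            pending.discard(winner)
            log.append(winner)
    return log


def bus_report(log, expected_ids, max_share=0.8):
    """Detection side: identifiers hogging the bus, and expected ones gone silent."""
    if not log:
        return [], sorted(expected_ids)
    counts = Counter(log)
    hogs = sorted(i for i, n in counts.items() if n / len(log) > max_share)
    silent = sorted(i for i in expected_ids if counts[i] == 0)
    return hogs, silent


# Constructed traffic profiles (hypothetical identifiers and periods).
NORMAL = {0x0C9: 4, 0x1A1: 5, 0x3D1: 10}
FLOODED = {**NORMAL, 0x000: 1}  # one node always has a top-priority frame ready

if __name__ == "__main__":
    for name, nodes in (("normal", NORMAL), ("flooded", FLOODED)):
        hogs, silent = bus_report(simulate(nodes, 100), NORMAL)
        print(name, "hogs:", [hex(i) for i in hogs],
              "silent:", [hex(i) for i in silent])
```

Because the lowest identifier always wins, priority alone gives the bus no fairness guarantee; the monitor's signal is the combination of one identifier's share and the disappearance of traffic that is normally periodic.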
Intra-Vehicle Network Security (cont'd)
Weak Access Control: protocol standards specify a challenge-response sequence to protect ECUs
1. Reflashing and memory protection
2. Tester capabilities: restricts access to DeviceControl services
• Fixed challenge-response pairs are 16 bits
• ECUs allow a response attempt every 10 sec
• Multiple ECUs can be cracked in parallel
• Physically removing the component

Intra-Vehicle Network Security (cont'd)
ECU Firmware Updates and Open Diagnostic Control:
1. Software-only upgrades to ECUs
2. As the DeviceControl service is used in diagnosis of the car's components, many attacks can be built on it

Intra-Vehicle Network Security (cont'd)
C. Deviation from Standards
• Not all components follow standards
• Disabling communications: ECUs should reject “disable CAN communications”
• Reflashing ECUs while driving: “The engine control module should reject a request to initiate a programming event if the engine were running.”
• Could place ECM and TCM into reflashing mode

Intra-Vehicle Network Security (cont'd)
Noncompliant Access Control: Firmware and Updates
• ECUs must be protected by challenge-response protocol
• Telematics unit connected to the car's CAN buses uses a hardcoded challenge and response common to all units
• Can reflash the unit and load our own code into the telematics unit
• Should deny rights to read sensitive memory areas

Intra-Vehicle Network Security (cont'd)
• Standard calls for defining memory addresses that the tester is not allowed to read under any circumstances
• But could read reflashing keys out of BCM
• DeviceControl keys for ECM and TCM
• Extract telematics unit's entire memory

Intra-Vehicle Network Security (cont'd)
Noncompliant Access Control: Device overrides
• DeviceControl service overrides state of components
• ECUs should reject unsafe DeviceControl override requests
• Certain requests succeeded without authenticating

Intra-Vehicle Network Security (cont'd)
Imperfect Network Segregation: standard states that gateways between the two networks must only be re-programmable from the high-speed network
• 2 ECUs on both buses and can bridge signals: BCM, and telematics unit which is not a gateway
• Verified that we could bridge these networks by uploading code into telematics unit

Component Security
A. Attack Methodology
1. Packet Sniffing and Targeted Probing:
• Used CARSHARK to observe traffic on CAN buses
• Combination of replay and informed probing

Component Security (cont'd)
2. Fuzzing:
• Damage can be done by fuzzing of packets
• DeviceControl allows testing devices to override normal output functionality of ECU
• DeviceControl takes an argument called CPID
• E.g. BCM
3. Reverse Engineering:
• Dumped code via CAN ReadMemory service and used third-party debugger (IDA Pro)
• Essential for attacks that require new functionality to be added

Component Security
B. Stationary Testing:
1. Radio: completely control, disable user control and display arbitrary messages
2. Instrument Panel Cluster (IPC):

Component Security
3. Body Controller: control is split across low-speed and high-speed buses
4. Engine: attacks were found by fuzzing DeviceControl requests to the ECM
• Attacks such as disturbing engine timing by resetting the learned crankshaft angle sensor error
5. Brakes: how to lock brakes without needing to unblock EBCM with its DeviceControl key
6. HVAC: control the cabin environment

Component Security
7. Generic DoS: disable communication of individual components on CAN bus
C. Road Testing: car was controlled via a laptop running CARSHARK and connected to the CAN bus via the OBD-II port. Laptop controlled via wireless link to another laptop in chase car

Component Security
• EBCM needed to be unblocked to issue DeviceControl packets
• Able to release brakes and prevent braking
• Able to continuously lock brakes unevenly
• Road testing helped to completely characterize the brake behavior

Multi-Component Interactions
A. Composite Attacks:
1. Speedometer: display an arbitrary speed or an arbitrary offset of the current speed
• Intercepting speed update packets
• Implemented as a CARSHARK module and as custom firmware for the AVR-CAN board
• Tested by comparing displayed speed with actual speed

Multi-Component Interactions (cont'd)
2. Lights Out: disable interior and exterior lights
• Requires the lighting control system to be in the “automatic” setting
3. Self-Destruct: demo in which a 60-second countdown is displayed on the Driver Information Center
• Kills the engine and activates the door lock relay

Multi-Component Interactions (cont'd)
B. Bridging Internal CAN Networks
• BCM regulates access between two buses
• Telematics unit connected to both buses
• Can be reprogrammed from device connected to low-speed bus; acts as a bridge
• Any device attached to low-speed bus can bypass BCM gateway

Multi-Component Interactions (cont'd)
C. Hosting Code; Wiping Code:
• Implant malicious code within telematics unit
• Complicating detection and forensic evaluations
• Perform action and erase evidence
• If attack code installed as per above method, simply reboot

Discussion and Conclusions
1. Extent of damage: didn't anticipate that we would be able to directly manipulate safety-critical ECUs or create unsafe conditions
2. Ease of attack: automotive systems are fragile; simple fuzzing infrastructure
3. Unenforced access controls: could load firmware onto ECUs like the telematics unit and RCDLR without authentication; critical ECUs respond to DeviceControl packets

Discussion and Conclusions (cont'd)
4. Attack amplification:
• Maliciously bridging high-speed and low-speed networks
• Design code to erase evidence
• Components designed to tolerate failures, but tolerating attacks not part of design

Discussion and Conclusions (cont'd)
Future Work:
1. Diagnostic and Reflashing Services:
• Lock-down capabilities
• How could mechanics service and replace components?
• Reflashing commands should only be issued with validation
• Physical access to car required before issuing dangerous commands

Discussion and Conclusions (cont'd)
2. Aftermarket Components: allow owners to connect an external filtering device between untrusted component and vehicle bus
3. Detection versus Prevention: if prevention is expensive, quick reversal is sufficient for certain class of vulnerabilities
4. Toward Security: see what is feasible practically and compatible with interests of a broader set of stakeholders

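
One way the external filtering device from item 2 could decide what to forward, as an added example that is not from the slides or the paper: an allowlist with a per-identifier rate limit, a rule that passes diagnostic requests only while the vehicle is known to be stationary, and a drop log that serves the detection side of item 3. The identifiers, the rate limit and the class and field names are hypothetical.

```python
from collections import defaultdict, deque
from dataclasses import dataclass


@dataclass
class Frame:
    can_id: int
    data: bytes
    t: float  # arrival time in seconds


class PortFilter:
    """Sits between an untrusted aftermarket port and the vehicle bus."""

    def __init__(self, allowed_ids, diag_ids, max_per_sec=20):
        self.allowed_ids = set(allowed_ids)  # ordinary traffic the device may send
        self.diag_ids = set(diag_ids)        # diagnostic / reflash request IDs
        self.max_per_sec = max_per_sec
        self.speed_kph = None                # unknown until the trusted side reports
        self._recent = defaultdict(deque)    # per-ID timestamps inside the window
        self.dropped = []                    # (frame, reason) kept for review

    def decide(self, frame):
        """Return True to forward the frame, False to drop and log it."""
        reason = self._reason_to_drop(frame)
        if reason:
            self.dropped.append((frame, reason))
            return False
        return True

    def _reason_to_drop(self, frame):
        if len(frame.data) > 8:
            return "payload longer than 8 bytes"
        if frame.can_id in self.diag_ids:
            # Fail closed: an unknown speed is treated the same as moving.
            if self.speed_kph != 0:
                return "diagnostic request while not known to be stationary"
        elif frame.can_id not in self.allowed_ids:
            return "identifier not on allowlist"
        window = self._recent[frame.can_id]
        while window and frame.t - window[0] >= 1.0:
            window.popleft()
        if len(window) >= self.max_per_sec:
            return "rate limit exceeded"
        window.append(frame.t)
        return None


if __name__ == "__main__":
    # Constructed frames from a hypothetical aftermarket device.
    flt = PortFilter(allowed_ids={0x4C1}, diag_ids={0x7E0}, max_per_sec=2)
    flt.speed_kph = 40
    for f in (Frame(0x4C1, b"\x01", 0.0), Frame(0x123, b"\x00", 0.1),
              Frame(0x7E0, b"\x02\x10\x02", 0.2)):
        print(hex(f.can_id), "forward" if flt.decide(f) else "drop")
    for frame, reason in flt.dropped:
        print("dropped", hex(frame.can_id), "-", reason)
```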
Questions?
THANK YOU !!