SlideShare uma empresa Scribd logo
1 de 44
Baixar para ler offline
Automotive Linux, Cybersecurity and
Transparency
Alison Chaiken
SCALE 14x
alison@she-devel.com
Jan 22, 2016
http://she-devel.com/Chaiken_automotive_cybersecurity.pdf
● The Problem(s)
-- Legacy designs
-- Unclear privacy situation
-- DMCA
● Approaches to a Solution
-- PKE
-- Virtualization
-- Architecture-based security
-- Open Source
3
Ready or not, here come new regulations
Caltrans source link
4
July 2015: Miller and Valasek “state-sponsored”
takedown of Jeep
source: http://illmatics.com/Remote%20Car%20Hacking.pdf
5
Miller-Valasek: D-Bus service responding to an
open 3G port
“To find vulnerable vehicles you just need to scan on
port 6667 from a Sprint device. . . “
6
Without Over-the-Air Updates, Jeep is stuck
Dec. 2015 view of Uconnect update
p0wn-to-own
7
The Jeep was running QNX
● QNX is outshipping Linux 6:1 say analysts.
● Many automakers plan cars that run Linux:
– GENIVI members: BMW, FAW, CMC, Great Wall,
Honda, Hyundai, JLR, Daimler, Nissan, Peugeot-
Citroen, Renault, SAIC, Volvo
– AGL members: Toyota, JLR, Mitsubishi, Nissan,
Honda, Ford, Mazda,Subaru
● So everything's fine, right?
8
What about . . .
● attaching your phone via USB to a rental car?
● leaving your car at a repair shop overnight?
How do we . . .
● opt out of automakers' data collection?
● reset a car for sale to factory defaults?
Should . . .
● an unpatched car fail its safety inspection?
● law enforcement routinely monitor speed data?
We need societal values to inform
transportation technological decisions
. . . not the other way around!
10
Safety vs. Security Tradeoffs?
● 2-seconds-to-rear-view-camera NHTSA rule enforces
minimum boot time.
● Ill-considered regulations can lead to less safety when
increased attack surface is factored in.
11
Event Data Recorders: NHTSA decision
pending
courtesy
Nate Cardozo,
EFF
The surest approach to security:
avoid being an attractive target
13
The ONLY way that payment credentials should
be stored in a car
Connectivity to car systems: double-stick tape
14
Associating broad payment credentials
with embedded car systems
puts lives in danger.
15
Payment credentials + High Voltage + Connectivity
What could possibly go wrong?
Ozer Shezaf, http://xiom.com/2013/04/13/who_can_hack_a_plug_the_presentation
Security and transparency
approaches
17
Vinli-Dialexa scan tool architecture
18
Preserving anonymity with PKE is Challenging
Courtesy B. Lehrmann, 32C3, “Vehicle2Vehicle Communication based on IEEE802.11p”
19
Multiple processor cores with multiple OSes
Courtesy Mentor Automotive
Driver Assistance,
Navigation, Entertainment
Linux can
be AGL-GENIVI
or Android, or one
core of each
Proprietary
or Xen
or QNX …
20
Copyright Renesas, “Introduction to CAN”, with permission.
Automotive LAN, 2025
Ethernet A/V-B (audio-video bridging) will displace FlexRay and MOST
Becomes a
packet-filtering
firewall
EA/V-B
EA/V-B
21
Proposal: scantool connection via DB only
Single-board server
CAN
500 kbps
Get rid of hard connections to CAN
from passenger cabin.
physical
firewall
22
Linux kernel's watchdog timer
guards against intrusion-caused slowdown
Critical application,
normal state
/dev/watchdog
Critical application,
failed state; or simple slowdown
/dev/watchdog
X X
REBOOT
Must hit critical time window
int petdog(unsigned interval) {}
Industry Best Practice: ChromiumOS's Verified Boot
Balances security with software freedom.
24
Courtesy
GENIVI
and
Arynga
25
EFF wins automotive DMCA Section 1201 exemption
32c3 2015: F. Domcke reverse-engineers the VW-diesel cheat
26
Most exciting development of 2015: OSVehicle
27
Summary
● Adding capability and automation inevitably increases
'attack surface.'
● The FCA-Harman-Sprint installation did not follow best
practices.
● The industry as a whole is moving to OTA.
● Considerable open-source activity is underway.
● Traditional Linux security considerations apply equally
to cars.
28
References
● Smart Automotive special issue of Telematics Wire
● Nate Willis, “Linux and the Automotive Security Lab”
● “Dieselgate” and V2V communication talks at 32c3 2015
● EPIC “Internet of Cars” Congressional testimony, 11/18/2015
● “Vehicle Forensics” SchmooCon 2014
● “Remote Vehicle Interaction,” AGL meeting, 9/2015
● Ethernet A/V-B: Junko Yoshida, EE Times
● Automotive Grade Linux and GENIVI
● General Motors' kernel source
● Freenode #automotive IRC
● I Am the Cavalry Five Star Automotive Cyber Safety Framework
29
Acknowledgements
Thanks to the following people for comments on,
contributions to or support of (but not endorsement of)
this presentation:
Dan Bartz, Mike Linksvayer, Roni Michaels, Linda
Campbell, Charlie Vogelheim, Nate Cardozo, Andre
Nakkurth, Julian Palau, Vinli, IBM Enterprise Security
30
extra slides
Hardware-level security on a device
● x86: TPM, IMA . . .
● ARM: Cortex-R,
TrustZone
● Both ARM and x86
solutions have some
Linux driver support
Image courtesy Chris Turner, ARM
32
Familiar problems, familiar solutions
Global Logic: http://tinyurl.com/ojnrbr2
DOM0 and DOMU run on different cores of a processor.
33
Driver drowsiness detection has great potential,
but . . .
Source: Key Safety Systems
34
Copyright Renesas, “Introduction to CAN”, with permission.
Automotive LAN, 2015
>100 microprocessors on MOST, CAN-FD, LIN, FlexRay networks
35
GPS Spoofing: Qihoo at Defcon
36
Connectivity may be a bad choice
“Shuttle bus withJ1939 air conditioning,”
Metropolitan Atlanta
Rapid Transit Authority,
http://can-newsletter.org
The “Thermo King Intelligaire III“
37
Ambient Insecurity: the Internet of Threats
“Alternative Web browser-based user interface allows remote
programming and status observation”
(Safetran Cobalt brochure)
Background: Thinking Highways
38
Open Street Map and Ubuntu uNav
H/T Linux Unplugged Episode 115
39
CAN Industry Association newsletter, July 24, 2014
Automotive pen-testing
40
41
Courtesy of IHS and E. Juliussen
GENIVI Demo Platform
Qemu image plus BSPs for RPi, Minnowboard, Nvidia
Jetson and Renesas R-Car
43
Source: RTKL blog
A typical automotive data center
44
http://tinyurl.com/crbazg9
Chaos Computer Club 2012 video
Christie Dudley, Santa Clara University Law School

Mais conteúdo relacionado

Mais procurados

"Automakers at a Crossroads: How Embedded Vision and Autonomy Will Reshape th...
"Automakers at a Crossroads: How Embedded Vision and Autonomy Will Reshape th..."Automakers at a Crossroads: How Embedded Vision and Autonomy Will Reshape th...
"Automakers at a Crossroads: How Embedded Vision and Autonomy Will Reshape th...Edge AI and Vision Alliance
 
The Advent of Automotive Linux
The Advent of Automotive LinuxThe Advent of Automotive Linux
The Advent of Automotive LinuxAlison Chaiken
 
Connected Cars & 5G
Connected Cars & 5GConnected Cars & 5G
Connected Cars & 5GITU
 
Connected Car Security and the Future of Transportation
Connected Car Security and the Future of Transportation Connected Car Security and the Future of Transportation
Connected Car Security and the Future of Transportation Liz Slocum
 
The Internet of Cars - Towards the Future of the Connected Car
The Internet of Cars - Towards the Future of the Connected CarThe Internet of Cars - Towards the Future of the Connected Car
The Internet of Cars - Towards the Future of the Connected CarJorgen Thelin
 
SCALE 2012: Automotive: new frontier for mobile Linux
SCALE 2012: Automotive: new frontier for mobile LinuxSCALE 2012: Automotive: new frontier for mobile Linux
SCALE 2012: Automotive: new frontier for mobile LinuxAlison Chaiken
 
Next Generation Automotive Cybersecurity with Software Defined Perimeter & Bl...
Next Generation Automotive Cybersecurity with Software Defined Perimeter & Bl...Next Generation Automotive Cybersecurity with Software Defined Perimeter & Bl...
Next Generation Automotive Cybersecurity with Software Defined Perimeter & Bl...Mahbubul Alam
 
Open Source Insight: Auto Security & Hackers, Killer Robots, & Containers Gon...
Open Source Insight: Auto Security & Hackers, Killer Robots, & Containers Gon...Open Source Insight: Auto Security & Hackers, Killer Robots, & Containers Gon...
Open Source Insight: Auto Security & Hackers, Killer Robots, & Containers Gon...Black Duck by Synopsys
 
Connected & Autonomous vehicles: cybersecurity on a grand scale v1
Connected & Autonomous vehicles: cybersecurity on a grand scale v1Connected & Autonomous vehicles: cybersecurity on a grand scale v1
Connected & Autonomous vehicles: cybersecurity on a grand scale v1Bill Harpley
 
Simultaneously Leveraging Linux and Android in a GENIVI compliant IVI System
Simultaneously Leveraging Linux and Android in a GENIVI compliant IVI System Simultaneously Leveraging Linux and Android in a GENIVI compliant IVI System
Simultaneously Leveraging Linux and Android in a GENIVI compliant IVI System mentoresd
 
5G and autonomous vehicle
5G and autonomous vehicle5G and autonomous vehicle
5G and autonomous vehicleMahbubul Alam
 
Lochbridge Connected Car Ecosystem
Lochbridge Connected Car EcosystemLochbridge Connected Car Ecosystem
Lochbridge Connected Car EcosystemRomil Bahl
 
IoT concepts in movies
IoT concepts in moviesIoT concepts in movies
IoT concepts in moviesVish Nandlall
 
Future mobile networks connected and autonomous cars
Future mobile networks  connected and autonomous carsFuture mobile networks  connected and autonomous cars
Future mobile networks connected and autonomous carslammya aa
 
Connected car in the cloud
Connected car in the cloudConnected car in the cloud
Connected car in the cloudRajesh kumar saw
 

Mais procurados (18)

"Automakers at a Crossroads: How Embedded Vision and Autonomy Will Reshape th...
"Automakers at a Crossroads: How Embedded Vision and Autonomy Will Reshape th..."Automakers at a Crossroads: How Embedded Vision and Autonomy Will Reshape th...
"Automakers at a Crossroads: How Embedded Vision and Autonomy Will Reshape th...
 
The Advent of Automotive Linux
The Advent of Automotive LinuxThe Advent of Automotive Linux
The Advent of Automotive Linux
 
Connected Cars & 5G
Connected Cars & 5GConnected Cars & 5G
Connected Cars & 5G
 
Connected vehicles
Connected vehiclesConnected vehicles
Connected vehicles
 
Connected Car Security and the Future of Transportation
Connected Car Security and the Future of Transportation Connected Car Security and the Future of Transportation
Connected Car Security and the Future of Transportation
 
The Internet of Cars - Towards the Future of the Connected Car
The Internet of Cars - Towards the Future of the Connected CarThe Internet of Cars - Towards the Future of the Connected Car
The Internet of Cars - Towards the Future of the Connected Car
 
SCALE 2012: Automotive: new frontier for mobile Linux
SCALE 2012: Automotive: new frontier for mobile LinuxSCALE 2012: Automotive: new frontier for mobile Linux
SCALE 2012: Automotive: new frontier for mobile Linux
 
Next Generation Automotive Cybersecurity with Software Defined Perimeter & Bl...
Next Generation Automotive Cybersecurity with Software Defined Perimeter & Bl...Next Generation Automotive Cybersecurity with Software Defined Perimeter & Bl...
Next Generation Automotive Cybersecurity with Software Defined Perimeter & Bl...
 
Open Source Insight: Auto Security & Hackers, Killer Robots, & Containers Gon...
Open Source Insight: Auto Security & Hackers, Killer Robots, & Containers Gon...Open Source Insight: Auto Security & Hackers, Killer Robots, & Containers Gon...
Open Source Insight: Auto Security & Hackers, Killer Robots, & Containers Gon...
 
Connected & Autonomous vehicles: cybersecurity on a grand scale v1
Connected & Autonomous vehicles: cybersecurity on a grand scale v1Connected & Autonomous vehicles: cybersecurity on a grand scale v1
Connected & Autonomous vehicles: cybersecurity on a grand scale v1
 
Simultaneously Leveraging Linux and Android in a GENIVI compliant IVI System
Simultaneously Leveraging Linux and Android in a GENIVI compliant IVI System Simultaneously Leveraging Linux and Android in a GENIVI compliant IVI System
Simultaneously Leveraging Linux and Android in a GENIVI compliant IVI System
 
Quotron
QuotronQuotron
Quotron
 
5G and autonomous vehicle
5G and autonomous vehicle5G and autonomous vehicle
5G and autonomous vehicle
 
Lochbridge Connected Car Ecosystem
Lochbridge Connected Car EcosystemLochbridge Connected Car Ecosystem
Lochbridge Connected Car Ecosystem
 
IoT concepts in movies
IoT concepts in moviesIoT concepts in movies
IoT concepts in movies
 
Future mobile networks connected and autonomous cars
Future mobile networks  connected and autonomous carsFuture mobile networks  connected and autonomous cars
Future mobile networks connected and autonomous cars
 
Connected Cars: Automotive Technology M&A
Connected Cars: Automotive Technology M&AConnected Cars: Automotive Technology M&A
Connected Cars: Automotive Technology M&A
 
Connected car in the cloud
Connected car in the cloudConnected car in the cloud
Connected car in the cloud
 

Destaque

B. ejemplo plan de asignatura
B.  ejemplo plan de asignaturaB.  ejemplo plan de asignatura
B. ejemplo plan de asignaturaimac_angel
 
Call Centre Management
Call Centre ManagementCall Centre Management
Call Centre ManagementAbhishek Jain
 
Oracle Crm On Demand Release 17 Life Sciences Edition
Oracle Crm On Demand Release 17 Life Sciences EditionOracle Crm On Demand Release 17 Life Sciences Edition
Oracle Crm On Demand Release 17 Life Sciences EditionShane_Boyd
 
Cloud RAN for Mobile Networks_Final
Cloud RAN for Mobile Networks_FinalCloud RAN for Mobile Networks_Final
Cloud RAN for Mobile Networks_FinalSumedh Deshpande
 
CON8040 Identity as a Service - Extend Enterprise Controls and Identity to th...
CON8040 Identity as a Service - Extend Enterprise Controls and Identity to th...CON8040 Identity as a Service - Extend Enterprise Controls and Identity to th...
CON8040 Identity as a Service - Extend Enterprise Controls and Identity to th...oow123
 
5G Cloud RAN & IoT Architecture
5G Cloud RAN & IoT Architecture5G Cloud RAN & IoT Architecture
5G Cloud RAN & IoT ArchitectureSathiya keerthi
 
Utilities Digital Data Driven Innovation
Utilities Digital Data Driven Innovation Utilities Digital Data Driven Innovation
Utilities Digital Data Driven Innovation Riccardo Romani
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityDhaval Dave
 
Overview of Oracle Identity Management - Customer Presentation
Overview of Oracle Identity Management - Customer PresentationOverview of Oracle Identity Management - Customer Presentation
Overview of Oracle Identity Management - Customer PresentationDelivery Centric
 
Five Journeys to (your) Cloud Infrastructure
Five Journeys to (your) Cloud InfrastructureFive Journeys to (your) Cloud Infrastructure
Five Journeys to (your) Cloud InfrastructureRiccardo Romani
 
Cloud computing security from single to multiple
Cloud computing security from single to multipleCloud computing security from single to multiple
Cloud computing security from single to multipleKiran Kumar
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNinh Nguyen
 
Virtualization in cloud computing ppt
Virtualization in cloud computing pptVirtualization in cloud computing ppt
Virtualization in cloud computing pptMehul Patel
 

Destaque (14)

B. ejemplo plan de asignatura
B.  ejemplo plan de asignaturaB.  ejemplo plan de asignatura
B. ejemplo plan de asignatura
 
Call Centre Management
Call Centre ManagementCall Centre Management
Call Centre Management
 
Oracle Crm On Demand Release 17 Life Sciences Edition
Oracle Crm On Demand Release 17 Life Sciences EditionOracle Crm On Demand Release 17 Life Sciences Edition
Oracle Crm On Demand Release 17 Life Sciences Edition
 
Wk7 assgnsykesr
Wk7 assgnsykesrWk7 assgnsykesr
Wk7 assgnsykesr
 
Cloud RAN for Mobile Networks_Final
Cloud RAN for Mobile Networks_FinalCloud RAN for Mobile Networks_Final
Cloud RAN for Mobile Networks_Final
 
CON8040 Identity as a Service - Extend Enterprise Controls and Identity to th...
CON8040 Identity as a Service - Extend Enterprise Controls and Identity to th...CON8040 Identity as a Service - Extend Enterprise Controls and Identity to th...
CON8040 Identity as a Service - Extend Enterprise Controls and Identity to th...
 
5G Cloud RAN & IoT Architecture
5G Cloud RAN & IoT Architecture5G Cloud RAN & IoT Architecture
5G Cloud RAN & IoT Architecture
 
Utilities Digital Data Driven Innovation
Utilities Digital Data Driven Innovation Utilities Digital Data Driven Innovation
Utilities Digital Data Driven Innovation
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
Overview of Oracle Identity Management - Customer Presentation
Overview of Oracle Identity Management - Customer PresentationOverview of Oracle Identity Management - Customer Presentation
Overview of Oracle Identity Management - Customer Presentation
 
Five Journeys to (your) Cloud Infrastructure
Five Journeys to (your) Cloud InfrastructureFive Journeys to (your) Cloud Infrastructure
Five Journeys to (your) Cloud Infrastructure
 
Cloud computing security from single to multiple
Cloud computing security from single to multipleCloud computing security from single to multiple
Cloud computing security from single to multiple
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
Virtualization in cloud computing ppt
Virtualization in cloud computing pptVirtualization in cloud computing ppt
Virtualization in cloud computing ppt
 

Semelhante a Automotive Linux, Cybersecurity and Transparency

20181116.smart can cable_v2
20181116.smart can cable_v220181116.smart can cable_v2
20181116.smart can cable_v2Mocke Tech
 
Booth content from Maker Faire Bay Area 2012
Booth content from Maker Faire Bay Area 2012Booth content from Maker Faire Bay Area 2012
Booth content from Maker Faire Bay Area 2012Alison Chaiken
 
Module Consolidation: Combining Safety-Critical Automotive Applications with ...
Module Consolidation: Combining Safety-Critical Automotive Applications with ...Module Consolidation: Combining Safety-Critical Automotive Applications with ...
Module Consolidation: Combining Safety-Critical Automotive Applications with ...Design World
 
Why Cars Need Free Software
Why Cars Need Free SoftwareWhy Cars Need Free Software
Why Cars Need Free SoftwareAlison Chaiken
 
Connected Cars - Poster Child for the IoT Reality Check
Connected Cars - Poster Child for the IoT Reality CheckConnected Cars - Poster Child for the IoT Reality Check
Connected Cars - Poster Child for the IoT Reality CheckSecurity Innovation
 
Addressing the hard problems of automotive Linux: networking and IPC
Addressing the hard problems of automotive Linux: networking and IPCAddressing the hard problems of automotive Linux: networking and IPC
Addressing the hard problems of automotive Linux: networking and IPCAlison Chaiken
 
Technology, Business and Regulation of the Connected Car
Technology, Business and Regulation of the Connected CarTechnology, Business and Regulation of the Connected Car
Technology, Business and Regulation of the Connected CarAlison Chaiken
 
The “Telematics Horizon” V2V and V2I Networking
The “Telematics Horizon” V2V and V2I NetworkingThe “Telematics Horizon” V2V and V2I Networking
The “Telematics Horizon” V2V and V2I NetworkingAlison Chaiken
 
Countering Cybersecurity Risk in Today's IoT World
Countering Cybersecurity Risk in Today's IoT WorldCountering Cybersecurity Risk in Today's IoT World
Countering Cybersecurity Risk in Today's IoT WorldBrad Nicholas
 
Phoenix Mobile & Emerging Tech Festival Autonomous Vehicles Presentation 11/3/18
Phoenix Mobile & Emerging Tech Festival Autonomous Vehicles Presentation 11/3/18Phoenix Mobile & Emerging Tech Festival Autonomous Vehicles Presentation 11/3/18
Phoenix Mobile & Emerging Tech Festival Autonomous Vehicles Presentation 11/3/18Mark Goldstein
 
Rosella reference design architecture v 0.1
Rosella reference design architecture v 0.1Rosella reference design architecture v 0.1
Rosella reference design architecture v 0.1Tarik Hammadou
 
The Low-Risk Path to Building Autonomous Car Architectures
The Low-Risk Path to Building Autonomous Car ArchitecturesThe Low-Risk Path to Building Autonomous Car Architectures
The Low-Risk Path to Building Autonomous Car ArchitecturesReal-Time Innovations (RTI)
 
Connected & Driverless vehicles: the road to Safe & Secure mobility?
Connected & Driverless vehicles: the road to Safe & Secure mobility?Connected & Driverless vehicles: the road to Safe & Secure mobility?
Connected & Driverless vehicles: the road to Safe & Secure mobility?Bill Harpley
 
Linaro Connect San Francisco 2017 - Welcome Keynote by George Grey | #SFO17
Linaro Connect San Francisco 2017 - Welcome Keynote by George Grey | #SFO17Linaro Connect San Francisco 2017 - Welcome Keynote by George Grey | #SFO17
Linaro Connect San Francisco 2017 - Welcome Keynote by George Grey | #SFO17Linaro
 
Linux Akraino Blueprint
Linux Akraino BlueprintLinux Akraino Blueprint
Linux Akraino BlueprintLiz Warner
 
Developing automotive Linux
Developing automotive LinuxDeveloping automotive Linux
Developing automotive LinuxAlison Chaiken
 
OSGi Technology in the Vehicle - H U Michel
OSGi Technology in the Vehicle - H U MichelOSGi Technology in the Vehicle - H U Michel
OSGi Technology in the Vehicle - H U Michelmfrancis
 

Semelhante a Automotive Linux, Cybersecurity and Transparency (20)

Edmunds presentation
Edmunds presentationEdmunds presentation
Edmunds presentation
 
20181116.smart can cable_v2
20181116.smart can cable_v220181116.smart can cable_v2
20181116.smart can cable_v2
 
Booth content from Maker Faire Bay Area 2012
Booth content from Maker Faire Bay Area 2012Booth content from Maker Faire Bay Area 2012
Booth content from Maker Faire Bay Area 2012
 
Module Consolidation: Combining Safety-Critical Automotive Applications with ...
Module Consolidation: Combining Safety-Critical Automotive Applications with ...Module Consolidation: Combining Safety-Critical Automotive Applications with ...
Module Consolidation: Combining Safety-Critical Automotive Applications with ...
 
Why Cars Need Free Software
Why Cars Need Free SoftwareWhy Cars Need Free Software
Why Cars Need Free Software
 
Connected Cars - Poster Child for the IoT Reality Check
Connected Cars - Poster Child for the IoT Reality CheckConnected Cars - Poster Child for the IoT Reality Check
Connected Cars - Poster Child for the IoT Reality Check
 
Addressing the hard problems of automotive Linux: networking and IPC
Addressing the hard problems of automotive Linux: networking and IPCAddressing the hard problems of automotive Linux: networking and IPC
Addressing the hard problems of automotive Linux: networking and IPC
 
Technology, Business and Regulation of the Connected Car
Technology, Business and Regulation of the Connected CarTechnology, Business and Regulation of the Connected Car
Technology, Business and Regulation of the Connected Car
 
The “Telematics Horizon” V2V and V2I Networking
The “Telematics Horizon” V2V and V2I NetworkingThe “Telematics Horizon” V2V and V2I Networking
The “Telematics Horizon” V2V and V2I Networking
 
Countering Cybersecurity Risk in Today's IoT World
Countering Cybersecurity Risk in Today's IoT WorldCountering Cybersecurity Risk in Today's IoT World
Countering Cybersecurity Risk in Today's IoT World
 
Phoenix Mobile & Emerging Tech Festival Autonomous Vehicles Presentation 11/3/18
Phoenix Mobile & Emerging Tech Festival Autonomous Vehicles Presentation 11/3/18Phoenix Mobile & Emerging Tech Festival Autonomous Vehicles Presentation 11/3/18
Phoenix Mobile & Emerging Tech Festival Autonomous Vehicles Presentation 11/3/18
 
Rosella reference design architecture v 0.1
Rosella reference design architecture v 0.1Rosella reference design architecture v 0.1
Rosella reference design architecture v 0.1
 
The Low-Risk Path to Building Autonomous Car Architectures
The Low-Risk Path to Building Autonomous Car ArchitecturesThe Low-Risk Path to Building Autonomous Car Architectures
The Low-Risk Path to Building Autonomous Car Architectures
 
Connected & Driverless vehicles: the road to Safe & Secure mobility?
Connected & Driverless vehicles: the road to Safe & Secure mobility?Connected & Driverless vehicles: the road to Safe & Secure mobility?
Connected & Driverless vehicles: the road to Safe & Secure mobility?
 
Linaro Connect San Francisco 2017 - Welcome Keynote by George Grey | #SFO17
Linaro Connect San Francisco 2017 - Welcome Keynote by George Grey | #SFO17Linaro Connect San Francisco 2017 - Welcome Keynote by George Grey | #SFO17
Linaro Connect San Francisco 2017 - Welcome Keynote by George Grey | #SFO17
 
Fleet Concerns
Fleet ConcernsFleet Concerns
Fleet Concerns
 
Linux Akraino Blueprint
Linux Akraino BlueprintLinux Akraino Blueprint
Linux Akraino Blueprint
 
Developing automotive Linux
Developing automotive LinuxDeveloping automotive Linux
Developing automotive Linux
 
Developing for the Connected Car
Developing for the Connected CarDeveloping for the Connected Car
Developing for the Connected Car
 
OSGi Technology in the Vehicle - H U Michel
OSGi Technology in the Vehicle - H U MichelOSGi Technology in the Vehicle - H U Michel
OSGi Technology in the Vehicle - H U Michel
 

Mais de Alison Chaiken

Not breaking userspace: the evolving Linux ABI
Not breaking userspace: the evolving Linux ABINot breaking userspace: the evolving Linux ABI
Not breaking userspace: the evolving Linux ABIAlison Chaiken
 
Supporting SW Update via u-boot and GPT/EFI
Supporting SW Update via u-boot and GPT/EFISupporting SW Update via u-boot and GPT/EFI
Supporting SW Update via u-boot and GPT/EFIAlison Chaiken
 
Two C++ Tools: Compiler Explorer and Cpp Insights
Two C++ Tools: Compiler Explorer and Cpp InsightsTwo C++ Tools: Compiler Explorer and Cpp Insights
Two C++ Tools: Compiler Explorer and Cpp InsightsAlison Chaiken
 
V2X Communications: Getting our Cars Talking
V2X Communications: Getting our Cars TalkingV2X Communications: Getting our Cars Talking
V2X Communications: Getting our Cars TalkingAlison Chaiken
 
Practical Challenges to Deploying Highly Automated Vehicles
Practical Challenges to Deploying Highly Automated VehiclesPractical Challenges to Deploying Highly Automated Vehicles
Practical Challenges to Deploying Highly Automated VehiclesAlison Chaiken
 
Linux: the first second
Linux: the first secondLinux: the first second
Linux: the first secondAlison Chaiken
 
Functional AI and Pervasive Networking in Automotive
 Functional AI and Pervasive Networking in Automotive Functional AI and Pervasive Networking in Automotive
Functional AI and Pervasive Networking in AutomotiveAlison Chaiken
 
Flash in Vehicles: an End-User's Perspective
Flash in Vehicles: an End-User's PerspectiveFlash in Vehicles: an End-User's Perspective
Flash in Vehicles: an End-User's PerspectiveAlison Chaiken
 
Linux: the first second
Linux: the first secondLinux: the first second
Linux: the first secondAlison Chaiken
 
IRQs: the Hard, the Soft, the Threaded and the Preemptible
IRQs: the Hard, the Soft, the Threaded and the PreemptibleIRQs: the Hard, the Soft, the Threaded and the Preemptible
IRQs: the Hard, the Soft, the Threaded and the PreemptibleAlison Chaiken
 
LISA15: systemd, the Next-Generation Linux System Manager
LISA15: systemd, the Next-Generation Linux System Manager LISA15: systemd, the Next-Generation Linux System Manager
LISA15: systemd, the Next-Generation Linux System Manager Alison Chaiken
 
Automotive Grade Linux and systemd
Automotive Grade Linux and systemdAutomotive Grade Linux and systemd
Automotive Grade Linux and systemdAlison Chaiken
 
Tuning systemd for embedded
Tuning systemd for embeddedTuning systemd for embedded
Tuning systemd for embeddedAlison Chaiken
 
Systemd for developers
Systemd for developersSystemd for developers
Systemd for developersAlison Chaiken
 
Developing Automotive Linux
Developing Automotive LinuxDeveloping Automotive Linux
Developing Automotive LinuxAlison Chaiken
 
Systemd: the modern Linux init system you will learn to love
Systemd: the modern Linux init system you will learn to loveSystemd: the modern Linux init system you will learn to love
Systemd: the modern Linux init system you will learn to loveAlison Chaiken
 
Best practices for long-term support and security of the device-tree
Best practices for long-term support and security of the device-treeBest practices for long-term support and security of the device-tree
Best practices for long-term support and security of the device-treeAlison Chaiken
 
Next-Gen In-Vehicle Software Opportunities
Next-Gen In-Vehicle Software OpportunitiesNext-Gen In-Vehicle Software Opportunities
Next-Gen In-Vehicle Software OpportunitiesAlison Chaiken
 

Mais de Alison Chaiken (18)

Not breaking userspace: the evolving Linux ABI
Not breaking userspace: the evolving Linux ABINot breaking userspace: the evolving Linux ABI
Not breaking userspace: the evolving Linux ABI
 
Supporting SW Update via u-boot and GPT/EFI
Supporting SW Update via u-boot and GPT/EFISupporting SW Update via u-boot and GPT/EFI
Supporting SW Update via u-boot and GPT/EFI
 
Two C++ Tools: Compiler Explorer and Cpp Insights
Two C++ Tools: Compiler Explorer and Cpp InsightsTwo C++ Tools: Compiler Explorer and Cpp Insights
Two C++ Tools: Compiler Explorer and Cpp Insights
 
V2X Communications: Getting our Cars Talking
V2X Communications: Getting our Cars TalkingV2X Communications: Getting our Cars Talking
V2X Communications: Getting our Cars Talking
 
Practical Challenges to Deploying Highly Automated Vehicles
Practical Challenges to Deploying Highly Automated VehiclesPractical Challenges to Deploying Highly Automated Vehicles
Practical Challenges to Deploying Highly Automated Vehicles
 
Linux: the first second
Linux: the first secondLinux: the first second
Linux: the first second
 
Functional AI and Pervasive Networking in Automotive
 Functional AI and Pervasive Networking in Automotive Functional AI and Pervasive Networking in Automotive
Functional AI and Pervasive Networking in Automotive
 
Flash in Vehicles: an End-User's Perspective
Flash in Vehicles: an End-User's PerspectiveFlash in Vehicles: an End-User's Perspective
Flash in Vehicles: an End-User's Perspective
 
Linux: the first second
Linux: the first secondLinux: the first second
Linux: the first second
 
IRQs: the Hard, the Soft, the Threaded and the Preemptible
IRQs: the Hard, the Soft, the Threaded and the PreemptibleIRQs: the Hard, the Soft, the Threaded and the Preemptible
IRQs: the Hard, the Soft, the Threaded and the Preemptible
 
LISA15: systemd, the Next-Generation Linux System Manager
LISA15: systemd, the Next-Generation Linux System Manager LISA15: systemd, the Next-Generation Linux System Manager
LISA15: systemd, the Next-Generation Linux System Manager
 
Automotive Grade Linux and systemd
Automotive Grade Linux and systemdAutomotive Grade Linux and systemd
Automotive Grade Linux and systemd
 
Tuning systemd for embedded
Tuning systemd for embeddedTuning systemd for embedded
Tuning systemd for embedded
 
Systemd for developers
Systemd for developersSystemd for developers
Systemd for developers
 
Developing Automotive Linux
Developing Automotive LinuxDeveloping Automotive Linux
Developing Automotive Linux
 
Systemd: the modern Linux init system you will learn to love
Systemd: the modern Linux init system you will learn to loveSystemd: the modern Linux init system you will learn to love
Systemd: the modern Linux init system you will learn to love
 
Best practices for long-term support and security of the device-tree
Best practices for long-term support and security of the device-treeBest practices for long-term support and security of the device-tree
Best practices for long-term support and security of the device-tree
 
Next-Gen In-Vehicle Software Opportunities
Next-Gen In-Vehicle Software OpportunitiesNext-Gen In-Vehicle Software Opportunities
Next-Gen In-Vehicle Software Opportunities
 

Último

Design of Clutches and Brakes in Design of Machine Elements.pptx
Design of Clutches and Brakes in Design of Machine Elements.pptxDesign of Clutches and Brakes in Design of Machine Elements.pptx
Design of Clutches and Brakes in Design of Machine Elements.pptxYogeshKumarKJMIT
 
Clutches and brkesSelect any 3 position random motion out of real world and d...
Clutches and brkesSelect any 3 position random motion out of real world and d...Clutches and brkesSelect any 3 position random motion out of real world and d...
Clutches and brkesSelect any 3 position random motion out of real world and d...sahb78428
 
Graphics Primitives and CG Display Devices
Graphics Primitives and CG Display DevicesGraphics Primitives and CG Display Devices
Graphics Primitives and CG Display DevicesDIPIKA83
 
nvidia AI-gtc 2024 partial slide deck.pptx
nvidia AI-gtc 2024 partial slide deck.pptxnvidia AI-gtc 2024 partial slide deck.pptx
nvidia AI-gtc 2024 partial slide deck.pptxjasonsedano2
 
Renewable Energy & Entrepreneurship Workshop_21Feb2024.pdf
Renewable Energy & Entrepreneurship Workshop_21Feb2024.pdfRenewable Energy & Entrepreneurship Workshop_21Feb2024.pdf
Renewable Energy & Entrepreneurship Workshop_21Feb2024.pdfodunowoeminence2019
 
ASME BPVC 2023 Section I para leer y entender
ASME BPVC 2023 Section I para leer y entenderASME BPVC 2023 Section I para leer y entender
ASME BPVC 2023 Section I para leer y entenderjuancarlos286641
 
sdfsadopkjpiosufoiasdoifjasldkjfl a asldkjflaskdjflkjsdsdf
sdfsadopkjpiosufoiasdoifjasldkjfl a asldkjflaskdjflkjsdsdfsdfsadopkjpiosufoiasdoifjasldkjfl a asldkjflaskdjflkjsdsdf
sdfsadopkjpiosufoiasdoifjasldkjfl a asldkjflaskdjflkjsdsdfJulia Kaye
 
Test of Significance of Large Samples for Mean = µ.pptx
Test of Significance of Large Samples for Mean = µ.pptxTest of Significance of Large Samples for Mean = µ.pptx
Test of Significance of Large Samples for Mean = µ.pptxHome
 
Phase noise transfer functions.pptx
Phase noise transfer      functions.pptxPhase noise transfer      functions.pptx
Phase noise transfer functions.pptxSaiGouthamSunkara
 
Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...
Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...
Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...amrabdallah9
 
دليل تجارب الاسفلت المختبرية - Asphalt Experiments Guide Laboratory
دليل تجارب الاسفلت المختبرية - Asphalt Experiments Guide Laboratoryدليل تجارب الاسفلت المختبرية - Asphalt Experiments Guide Laboratory
دليل تجارب الاسفلت المختبرية - Asphalt Experiments Guide LaboratoryBahzad5
 
cloud computing notes for anna university syllabus
cloud computing notes for anna university syllabuscloud computing notes for anna university syllabus
cloud computing notes for anna university syllabusViolet Violet
 
How to Write a Good Scientific Paper.pdf
How to Write a Good Scientific Paper.pdfHow to Write a Good Scientific Paper.pdf
How to Write a Good Scientific Paper.pdfRedhwan Qasem Shaddad
 
Gender Bias in Engineer, Honors 203 Project
Gender Bias in Engineer, Honors 203 ProjectGender Bias in Engineer, Honors 203 Project
Gender Bias in Engineer, Honors 203 Projectreemakb03
 
solar wireless electric vechicle charging system
solar wireless electric vechicle charging systemsolar wireless electric vechicle charging system
solar wireless electric vechicle charging systemgokuldongala
 
Engineering Mechanics Chapter 5 Equilibrium of a Rigid Body
Engineering Mechanics  Chapter 5  Equilibrium of a Rigid BodyEngineering Mechanics  Chapter 5  Equilibrium of a Rigid Body
Engineering Mechanics Chapter 5 Equilibrium of a Rigid BodyAhmadHajasad2
 

Último (20)

Design of Clutches and Brakes in Design of Machine Elements.pptx
Design of Clutches and Brakes in Design of Machine Elements.pptxDesign of Clutches and Brakes in Design of Machine Elements.pptx
Design of Clutches and Brakes in Design of Machine Elements.pptx
 
Clutches and brkesSelect any 3 position random motion out of real world and d...
Clutches and brkesSelect any 3 position random motion out of real world and d...Clutches and brkesSelect any 3 position random motion out of real world and d...
Clutches and brkesSelect any 3 position random motion out of real world and d...
 
Litature Review: Research Paper work for Engineering
Litature Review: Research Paper work for EngineeringLitature Review: Research Paper work for Engineering
Litature Review: Research Paper work for Engineering
 
Lecture 2 .pptx
Lecture 2                            .pptxLecture 2                            .pptx
Lecture 2 .pptx
 
Graphics Primitives and CG Display Devices
Graphics Primitives and CG Display DevicesGraphics Primitives and CG Display Devices
Graphics Primitives and CG Display Devices
 
Présentation IIRB 2024 Chloe Dufrane.pdf
Présentation IIRB 2024 Chloe Dufrane.pdfPrésentation IIRB 2024 Chloe Dufrane.pdf
Présentation IIRB 2024 Chloe Dufrane.pdf
 
nvidia AI-gtc 2024 partial slide deck.pptx
nvidia AI-gtc 2024 partial slide deck.pptxnvidia AI-gtc 2024 partial slide deck.pptx
nvidia AI-gtc 2024 partial slide deck.pptx
 
Renewable Energy & Entrepreneurship Workshop_21Feb2024.pdf
Renewable Energy & Entrepreneurship Workshop_21Feb2024.pdfRenewable Energy & Entrepreneurship Workshop_21Feb2024.pdf
Renewable Energy & Entrepreneurship Workshop_21Feb2024.pdf
 
ASME BPVC 2023 Section I para leer y entender
ASME BPVC 2023 Section I para leer y entenderASME BPVC 2023 Section I para leer y entender
ASME BPVC 2023 Section I para leer y entender
 
sdfsadopkjpiosufoiasdoifjasldkjfl a asldkjflaskdjflkjsdsdf
sdfsadopkjpiosufoiasdoifjasldkjfl a asldkjflaskdjflkjsdsdfsdfsadopkjpiosufoiasdoifjasldkjfl a asldkjflaskdjflkjsdsdf
sdfsadopkjpiosufoiasdoifjasldkjfl a asldkjflaskdjflkjsdsdf
 
Test of Significance of Large Samples for Mean = µ.pptx
Test of Significance of Large Samples for Mean = µ.pptxTest of Significance of Large Samples for Mean = µ.pptx
Test of Significance of Large Samples for Mean = µ.pptx
 
Phase noise transfer functions.pptx
Phase noise transfer      functions.pptxPhase noise transfer      functions.pptx
Phase noise transfer functions.pptx
 
Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...
Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...
Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...
 
دليل تجارب الاسفلت المختبرية - Asphalt Experiments Guide Laboratory
دليل تجارب الاسفلت المختبرية - Asphalt Experiments Guide Laboratoryدليل تجارب الاسفلت المختبرية - Asphalt Experiments Guide Laboratory
دليل تجارب الاسفلت المختبرية - Asphalt Experiments Guide Laboratory
 
cloud computing notes for anna university syllabus
cloud computing notes for anna university syllabuscloud computing notes for anna university syllabus
cloud computing notes for anna university syllabus
 
How to Write a Good Scientific Paper.pdf
How to Write a Good Scientific Paper.pdfHow to Write a Good Scientific Paper.pdf
How to Write a Good Scientific Paper.pdf
 
Gender Bias in Engineer, Honors 203 Project
Gender Bias in Engineer, Honors 203 ProjectGender Bias in Engineer, Honors 203 Project
Gender Bias in Engineer, Honors 203 Project
 
Lecture 2 .pdf
Lecture 2                           .pdfLecture 2                           .pdf
Lecture 2 .pdf
 
solar wireless electric vechicle charging system
solar wireless electric vechicle charging systemsolar wireless electric vechicle charging system
solar wireless electric vechicle charging system
 
Engineering Mechanics Chapter 5 Equilibrium of a Rigid Body
Engineering Mechanics  Chapter 5  Equilibrium of a Rigid BodyEngineering Mechanics  Chapter 5  Equilibrium of a Rigid Body
Engineering Mechanics Chapter 5 Equilibrium of a Rigid Body
 

Automotive Linux, Cybersecurity and Transparency

  • 1. Automotive Linux, Cybersecurity and Transparency Alison Chaiken SCALE 14x alison@she-devel.com Jan 22, 2016 http://she-devel.com/Chaiken_automotive_cybersecurity.pdf
  • 2. ● The Problem(s) -- Legacy designs -- Unclear privacy situation -- DMCA ● Approaches to a Solution -- PKE -- Virtualization -- Architecture-based security -- Open Source
  • 3. 3 Ready or not, here come new regulations Caltrans source link
  • 4. 4 July 2015: Miller and Valasek “state-sponsored” takedown of Jeep source: http://illmatics.com/Remote%20Car%20Hacking.pdf
  • 5. 5 Miller-Valasek: D-Bus service responding to an open 3G port “To find vulnerable vehicles you just need to scan on port 6667 from a Sprint device. . . “
  • 6. 6 Without Over-the-Air Updates, Jeep is stuck Dec. 2015 view of Uconnect update p0wn-to-own
  • 7. 7 The Jeep was running QNX ● QNX is outshipping Linux 6:1 say analysts. ● Many automakers plan cars that run Linux: – GENIVI members: BMW, FAW, CMC, Great Wall, Honda, Hyundai, JLR, Daimler, Nissan, Peugeot- Citroen, Renault, SAIC, Volvo – AGL members: Toyota, JLR, Mitsubishi, Nissan, Honda, Ford, Mazda,Subaru ● So everything's fine, right?
  • 8. 8 What about . . . ● attaching your phone via USB to a rental car? ● leaving your car at a repair shop overnight? How do we . . . ● opt out of automakers' data collection? ● reset a car for sale to factory defaults? Should . . . ● an unpatched car fail its safety inspection? ● law enforcement routinely monitor speed data?
  • 9. We need societal values to inform transportation technological decisions . . . not the other way around!
  • 10. 10 Safety vs. Security Tradeoffs? ● 2-seconds-to-rear-view-camera NHTSA rule enforces minimum boot time. ● Ill-considered regulations can lead to less safety when increased attack surface is factored in.
  • 11. 11 Event Data Recorders: NHTSA decision pending courtesy Nate Cardozo, EFF
  • 12. The surest approach to security: avoid being an attractive target
  • 13. 13 The ONLY way that payment credentials should be stored in a car Connectivity to car systems: double-stick tape
  • 14. 14 Associating broad payment credentials with embedded car systems puts lives in danger.
  • 15. 15 Payment credentials + High Voltage + Connectivity What could possibly go wrong? Ozer Shezaf, http://xiom.com/2013/04/13/who_can_hack_a_plug_the_presentation
  • 18. 18 Preserving anonymity with PKE is Challenging Courtesy B. Lehrmann, 32C3, “Vehicle2Vehicle Communication based on IEEE802.11p”
  • 19. 19 Multiple processor cores with multiple OSes Courtesy Mentor Automotive Driver Assistance, Navigation, Entertainment Linux can be AGL-GENIVI or Android, or one core of each Proprietary or Xen or QNX …
  • 20. 20 Copyright Renesas, “Introduction to CAN”, with permission. Automotive LAN, 2025 Ethernet A/V-B (audio-video bridging) will displace FlexRay and MOST Becomes a packet-filtering firewall EA/V-B EA/V-B
  • 21. 21 Proposal: scantool connection via DB only Single-board server CAN 500 kbps Get rid of hard connections to CAN from passenger cabin. physical firewall
  • 22. 22 Linux kernel's watchdog timer guards against intrusion-caused slowdown Critical application, normal state /dev/watchdog Critical application, failed state; or simple slowdown /dev/watchdog X X REBOOT Must hit critical time window int petdog(unsigned interval) {}
  • 23. Industry Best Practice: ChromiumOS's Verified Boot Balances security with software freedom.
  • 25. 25 EFF wins automotive DMCA Section 1201 exemption 32c3 2015: F. Domcke reverse-engineers the VW-diesel cheat
  • 26. 26 Most exciting development of 2015: OSVehicle
  • 27. 27 Summary ● Adding capability and automation inevitably increases 'attack surface.' ● The FCA-Harman-Sprint installation did not follow best practices. ● The industry as a whole is moving to OTA. ● Considerable open-source activity is underway. ● Traditional Linux security considerations apply equally to cars.
  • 28. 28 References ● Smart Automotive special issue of Telematics Wire ● Nate Willis, “Linux and the Automotive Security Lab” ● “Dieselgate” and V2V communication talks at 32c3 2015 ● EPIC “Internet of Cars” Congressional testimony, 11/18/2015 ● “Vehicle Forensics” SchmooCon 2014 ● “Remote Vehicle Interaction,” AGL meeting, 9/2015 ● Ethernet A/V-B: Junko Yoshida, EE Times ● Automotive Grade Linux and GENIVI ● General Motors' kernel source ● Freenode #automotive IRC ● I Am the Cavalry Five Star Automotive Cyber Safety Framework
  • 29. 29 Acknowledgements Thanks to the following people for comments on, contributions to or support of (but not endorsement of) this presentation: Dan Bartz, Mike Linksvayer, Roni Michaels, Linda Campbell, Charlie Vogelheim, Nate Cardozo, Andre Nakkurth, Julian Palau, Vinli, IBM Enterprise Security
  • 31. Hardware-level security on a device ● x86: TPM, IMA . . . ● ARM: Cortex-R, TrustZone ● Both ARM and x86 solutions have some Linux driver support Image courtesy Chris Turner, ARM
  • 32. 32 Familiar problems, familiar solutions Global Logic: http://tinyurl.com/ojnrbr2 DOM0 and DOMU run on different cores of a processor.
  • 33. 33 Driver drowsiness detection has great potential, but . . . Source: Key Safety Systems
  • 34. 34 Copyright Renesas, “Introduction to CAN”, with permission. Automotive LAN, 2015 >100 microprocessors on MOST, CAN-FD, LIN, FlexRay networks
  • 36. 36 Connectivity may be a bad choice “Shuttle bus withJ1939 air conditioning,” Metropolitan Atlanta Rapid Transit Authority, http://can-newsletter.org The “Thermo King Intelligaire III“
  • 37. 37 Ambient Insecurity: the Internet of Threats “Alternative Web browser-based user interface allows remote programming and status observation” (Safetran Cobalt brochure) Background: Thinking Highways
  • 38. 38 Open Street Map and Ubuntu uNav H/T Linux Unplugged Episode 115
  • 39. 39 CAN Industry Association newsletter, July 24, 2014 Automotive pen-testing
  • 40. 40
  • 41. 41 Courtesy of IHS and E. Juliussen
  • 42. GENIVI Demo Platform Qemu image plus BSPs for RPi, Minnowboard, Nvidia Jetson and Renesas R-Car
  • 43. 43 Source: RTKL blog A typical automotive data center
  • 44. 44 http://tinyurl.com/crbazg9 Chaos Computer Club 2012 video Christie Dudley, Santa Clara University Law School