lecture: Infotainment systems hacking


Infotainment systems in modern cars are very powerful devices which can interact with different subsystems in the car... But are they as safe as we would hope they should be?

Modern car has more software in it then the average fighter plane. All systems are controlled by a piece of code running in one of hundreds of separate computers available in a normal car.

The most accessible computer are in the cabin itself as they are within the reach of passengers even without any special tools and knowledge.
But what can go wrong? Just imagine...

These devices have internet connectivity, can pair with a phone, offer in car wireless and Bluetooth connections.

Running underlying RTOS is expected to be secure, but there are always issues, and as these devices are commonly just OEM devices, a single vulnerability could impact more than just a single model or manufacturer.

These devices, when taken over by malicious actor can be used as a stepping stone to reach other, more critical car control systems.

In this session we will cover basics of car electrical systems, infotainment system architecture, most common protocols, QNX OS, and demonstrate some of the most common attacks on such systems.


Day: 2019-09-13
Start time: 14:30
Duration: 01:00
Room: Tesla


Concurrent events

seccomp — Your Next Layer of Defence