It has been a few years since the first car hacking case was reported. Since then, there have been various car security-related research papers, presentations, books, etc. For example, we talked about PKE system relay attack in 2017 at HITBSecConf and we reported this issue to Telsa and GM. Telsa did add certain features to disable PKE. and we talked about the key fob rolling code encryption key initialization and management issues at DEFCON in 2016. We reported this issue to GM and they are working on solving this. We also talked about CAN Bus intrusion detection in 2016 at HITB.
In this talk, we are planning to do a summary and forecast of the vulnerabilities that hacker/security researchers used or will be using to attack cars.
We will discuss the common mistakes car manufacturers made, for example, firmware signature, feature segregation, etc. We will also talk about potential attacks targeting novel technologies, for example, the Advanced Driver Assistance Systems (ADAS), Computer Vision (CV) used by autonomous cars to detect lanes, and traffic signs recognition and objects detection that use deep learning, Lidar ,ultra sonic sensors etc.