Annual Computer Security Applications Conference (ACSAC) 2016

Full Program »

T6. Hands-On Interactive Car Hacking

Tuesday, 6 December 2016
08:30 - 12:00

Salon 6B

Modern day automobiles are complex machines which can contain 60-100 embedded Electronic Control Units (ECUs) running on a Controller Area Network (CAN) bus, networks to support these units, and a host of external interfaces, both wired and wireless. A Controller Area Network (CAN bus) is a vehicle bus standard designed to allow microcontrollers and devices to communicate with each other in applications without a host computer and it is a message-based protocol, designed for multiplex electrical wiring within automobiles Wired interfaces can include Universal Serial Bus (USB), compact disks (CDs), digital video disks (DVDs), and secure digital (SD) cards. Wireless interfaces can include short range and long range connectivity, such as via Bluetooth, Wi-Fi, Radio Frequency (RF), cellular, RF from RADAR, etc. The wireless interfaces can support a host of features including: remote Tire Pressure Monitoring Systems (TPMS), telematics, and Smart key keyless entry/ignition start. Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure (V2I) on the horizon. All of these forms of increased electronic control and connectivity promise tremendous benefits for efficiency, comfort, and driving safety, but also raise the risks of cybersecurity vulnerabilities and attacks.

In this class, students will learn about different vehicle networks and how they work. We will discuss Pulse-Width Modulation (PWM), K-Line protocol, CAN, FlexRay and others. This hands-on course using open source automotive tools will take a deep dive into CAN networks, how they work and how to reverse engineer them. The students will leave the class with all the knowledge necessary to start reversing automotive CAN packets and other diagnostic protocols.


·      Working knowledge of the Linux operating system


1.     Vehicle Networks

2.     Protocol layouts

3.     SocketCAN

4.     CAN, ISO-TP and Unified Diagnostics Services (UDS) protocols

5.     Maually pull UDS information, such as VIN

6.     Interactive demos to train students on reversing several different types of CAN signals

7.     Current challenges in the automotive cybersecurity space

8.     Open source automotive CAN analysis and cybersecurity tools

About the Instructors:

Craig Smith is the Founder of Open Garages. Open Garages is a distributed collective of performance tuners, mechanics, security researchers and artists. Craig is also the author of the Car Hacker's Handbook (2016) and runs a Security Consulting firm that specializes in automotive reverse engineering. Craig has developed many open source utilities to teach CAN bus to students and well as security penetration tools that can uncover vulnerabilities in vehicle and diagnostic systems. Craig has worked in the security field for over 20 years with the last 5 years focused on automotive.

Brendan Harris is a cybersecurity researcher at DOT’s Vlpe National Transportation Systems Center, where he researches how new tools, techniques, vulnerabilities, and mitigations apply to modern vehicle technologies. The goal of this research is to improve automotive cybersecurity best practices and industry standards through stakeholder engagement, technology transfer, and community development. Brendan also provides technical expertise to the Intelligent Transportation Systems Joint Program Office's (ITS JPO) Connected Data Systems (CDS) program, which aims to exploit real time data from vehicles, travelers, and infrastructure to enhance transportation operation practices and surface transportation system management.


Powered by OpenConf®
Copyright©2002-2016 Zakon Group LLC