An introduction to Bosch Engineering's work on small-series projects like autonomous excavators and high-performance cars, where security is critical.
Early academic research demonstrated how to compromise cars through vectors like manipulated MP3 files and spoofed tire pressure sensors.
The infamous remote hack of a Jeep Cherokee over its cellular connection forced the industry to take remote threats seriously.
Modern attacks target convenience features, from signal relaying for keyless entry to sophisticated hacks for stealing Teslas and manipulating digital odometers.
Attackers are driven by curiosity and the need for self-repair, while the high cost of vehicles has historically been a major barrier to research.
Developers now face increasing system complexity, supply chain attacks, ransomware threats, and a growing attack surface from vehicle connectivity.
Software now controls every aspect of a modern vehicle, introducing risks like integer overflows that can have catastrophic consequences in autonomous systems.
Replacing traditional key fobs with smartphones offers enhanced security and enables new convenient services like seamless digital keys for rental cars.
New regulations like ISO 21434 and UNECE mandates will require manufacturers to implement and audit verifiable security processes throughout the vehicle lifecycle.
Developers can stay informed about the latest threats and research by following industry groups like the Automotive Security Research Group (ASRG).
A discussion covering complex topics like liability in autonomous accidents, security standardization, preventing hardware hacking, and the potential for centralized failures.
22:09Henning Harbs
58:59Davor Frkat
43:56Mauro Verderosa
29:34Reto Kaeser
51:41Panel Discussion
44:30Milecia McGregor
1:54:28Kurt Eder
41:03Joachim Werner
Jobs that call for the skills explored in this talk.
e.solutions GmbH
Excellence AG
Vesterling Consulting GmbH
Manndeckung GmbH
Schozach-Bottwartal GVV, Germany