Car Security Diary: Our Connected Vehicle Journey — by Car Security Quarter (CSQ)
Updated: Dec 28, 2020
SINCON 2020 Conference Deep-Tech Track
Day 2 (3 Jan 2021)
@ Main Stage
Automotive makers have advanced the way humans interact with their vehicles. Modern day vehicles now offer a whole suite of features and functions to enhance drivers' experience through communications with external devices and wireless infrastructure, creating what is known as Connected Vehicles.
In Infosec In the City, Singapore 2019, we spoke about how we built a prototype (Test Bench 1) to learn more about Automotive Cybersecurity. Continuing from our previous journey from Test Bench 1, we will now delve into Connected Vehicles and explore the journey of creating Test Bench 2. We will introduce new protocols apart from CAN bus and explain the overall architecture of the vehicles that we are working on, features vs. vulnerabilities. Finally, we will point out some of the learning points and challenges.
About the Speakers
ALINA (0x410x54) TAN is the founder of Division Zero’s (Div0) Car Security Quarter (CSQ). Her expertise lies in securing Operational Technology (OT), Industrial Control System (ICS) and Supervisory Control and Data Acquisition (SCADA) systems — specifically on the offensive security of these systems. Her interest lies in pentesting OT and automotive systems.
EDMUND LIM is an experienced software functional tester and vehicle tester. He is also the pioneer member of Div0’s Car Security Quarter (CSQ). Making a switch into cybersecurity, his interest lies in hardware hacking and pentesting in automotive systems as a start. #animallover #gamer
TAN PEI SI (Kaskrex) is a seasoned developer with a strong interest in cybersecurity. Pei Si is an active advocate in the Singapore cybersecurity community — she actively contributes to Division Zero (Div0) and Infosec In the City, SINCON. She is also the pioneer member of Div0’s Car Security Quarter (CSQ). Pei Si’s interest lies in Digital Forensics and Incident Response (DFIR), hardware hacking and DevSecOps.