• Infosec In the City (IIC)

From Zero to Hero(-ish): Your Journey to Car Hacking Begins — by Car Security Quarter (CSQ)

Updated: Dec 26, 2020

SINCON 2020 Conference Workshop Track


Day 1 (2 Jan 2021)

11.30am—1.30pm

@ Workshop Room


[SINCON 2020 Conference Full Schedule]


Workshop Outline

The workshop will cover theoretical vehicular knowledge and practical hands-on activities on ICSIM for participants to gain an in-depth understanding of the basics of vehicular technology and its protocols:


Theoretical vehicular knowledge

  • Introduction to Vehicular Architecture and Technology – Traditional vehicles, Connected Vehicles and Autonomous Vehicles

  • Overview of Basic Vehicle Networks and Protocols – (e.g. CAN Bus, Flexray bus, J3016 standard, etc.)

  • Introduction to Vehicle Threat Landscape

  • Introduction to International Vehicular Standards

  • Introduction to CAN bus protocol

  • Introduction to Car hacking tools

Identifying the different CAN types

  • Introduction to ISO-TP protocol

  • Introduction to UDS (Unified Diagnostic Systems)

  • Introduction to MOST/LIN/FlexRay/Automotive Ethernet

Practical hands-on activities on ICSIM

  • Capture CAN bus traffic

  • Replaying CAN bus traffic

  • Reverse engineer the CAN bus

  • Spoofing the CAN bus traffic

Laptop Requirements

  • Windows 7 and above

  • Kali VM or Ubuntu VM

  • Administrative Privileges

CTF

Test out your newly acquired car security skills at the SINCON 2020 Car Security CTF.


About the Instructors

ALINA (0x410x54) TAN is the founder of Division Zero’s (Div0) Car Security Quarter (CSQ). Her expertise lies in securing Operational Technology (OT), Industrial Control System (ICS) and Supervisory Control and Data Acquisition (SCADA) systems — specifically on the offensive security of these systems. Her interest lies in pentesting OT and automotive systems.


EDMUND LIM is an experienced software functional tester and vehicle tester. He is also the pioneer member of Div0’s Car Security Quarter (CSQ). Making a switch into cybersecurity, his interest lies in hardware hacking and pentesting in automotive systems as a start. #animallover #gamer


TAN PEI SI (Kaskrex) is a seasoned developer with a strong interest in cybersecurity. Pei Si is an active advocate in the Singapore cybersecurity community — she actively contributes to Division Zero (Div0) and Infosec In the City, SINCON. She is also the pioneer member of Div0’s Car Security Quarter (CSQ). Pei Si’s interest lies in Digital Forensics and Incident Response (DFIR), hardware hacking and DevSecOps.


​JAVIER YONG is currently awaiting his University Studies in Computer Science. He is keen on DFIR, Threat Hunting, DevSecOps and Reverse Engineering.

422 views0 comments