· Audi airbags can be cracked and the security system can also "kill"

<

Lead: Recently, three foreign "hackers" once again used the car's third-party software 0day vulnerability to successfully attack the Audi TT car's airbag and shut it down. It should be noted that the February 2015 US General Motors OnStar system security vulnerability has just been exposed to security risks. In July 2015, two "hackers" invaded the Cherokee car networking system in the United States, and obtained the Cherokee IP address through cellular data, allowing the car to communicate with the fake mobile base station. "This can also attack cars within 800 kilometers. Not a problem," said Miller, who cracked one of Cherokee's "hackers."

At the "5th China Body Electronics and Network Technology Forum" held in Shanghai on November 26-27, the China Automotive Consulting Center Network focused on the issue of "safety, cost and safety". Redefinition.

The consequence of being cracked is that the Cherokee was remotely controlled and turned into the ditch along the road. Subsequently, Chrysler announced the recall of approximately 1.4 million cars with software vulnerabilities in the United States, the first car manufacturer to recall cars due to hacking risks.

The "hackers" who cracked the Audi TT airbags were András Szijj and Levente Buttyán from CrySyS Labs, and Zsolt Szalay from the Budapest Institute of Technology and Economics.

The car networking vulnerabilities they exploit are from third-party security software, which is currently used by many car brands. Different from Miller's long-range hijacking of Cherokee, the three "hackers" need to use a PC to access the Audi TT through the USB port, in order to hijack the car and achieve the action of turning off the car airbag.

In fact, many microcomputers are installed in cars, all over the engine and various components. This gives the "hacker" the ability to find all the pieces of information, block the information, and then control the car. From cracking Tesla last year, to cracking BYD Qin's automatic shifting system this year, and then to cracking Cherokee and Audi airbags.

When cracking Cherokee's car networking system, the "hacker" did not have any authorization settings by discovering the car firmware V850, which made it easy for them to send CAN bus information to critical electronic control units using different hardware of the car.

When the car connected to WIFI, the hacker who cracked the Cherokee also discovered the password vulnerability of WPA2. Although only a few seconds a day can find the password, they still give them a chance. When a part of Cherokee sets the password for the first time, the GPS setting will have a default time password, and the hacker will calculate the corresponding data based on the password.

At present, car network security vulnerabilities frequently occur, and it is not unrelated to the upgrade of smart cars and new energy technologies. In this context, the “5th China Body Electronics and Network Technology Forum” hosted by China Automotive Consulting Center Network focuses on the platform and architecture design of vehicle networks, as well as experience in testing technology and network security, especially It is necessary to pay attention to the traditional IT industry's ability to learn from automotive electronics.

Because the hacker upgrades the cracking means, it is often connected to the smartphone as an entry point by inserting the vehicle diagnostic port. Once the smartphone is connected to the in-vehicle network, there is a security risk in the basic security of the car and the personal information of the driver.

Therefore, the high intelligence of the automotive industry is gradually facing the same security crisis as the Internet. From Tesla to the domestic new energy vehicle BYD Qin, to the traditional car Cherokee and Audi TT and other system loopholes, hacking attacks began to be associated with the automotive industry.

This requires car manufacturers and related industry chains to fully consider information system security in design, development and testing, and the government promotes the establishment of corresponding norms, standards and systems. The cooperation between the automotive and network security industries should also be normalized to jointly address and solve the ever-changing security problems of the Internet of Vehicles.

This forum focuses on

1. Architecture design for complex applications

2. Hardware Testing and Networked Car Data Security

3. Modular automotive electronics development process

4. CANFD, LAN design and integration technology

5. Automotive electronics cost and energy consumption control

The focus of this forum on "security"

1. How to establish a development model and system for networked car network security

2. How can the new generation of MCU technology improve the safety of connected cars?

3. Security threat analysis based on real attack and defense testing

4. More sophisticated user access control: how to implement network public key verification and encryption algorithm

5. Threat modeling and defensive programming: addressing new challenges in data security

6. How to assess the resources and costs of implementing network data security?

Forum official website:

Http://

Attendance Contact: Miss Chen Telephone

Mobile email: eva.

GLOSSY PRINTING&POUCHING FILMS

FEATURES:

High trandparency and gloss.

Excellent oxygen and oil barrier.

Excellent mechanical properties.

Excellent ink and coating adhesion.

Low static performance.

Excellent flatness.

High trandparency and gloss,Excellent oxygen and oil barrier performance,Low static performance

GR (SHANDONG) NEW MATERIAL CO., LTD , https://www.grfilmcn.com