YoVDO

There Will Be Glitches - Extracting and Analyzing Automotive Firmware Efficiently

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Automotive Engineering Courses Security Testing Courses

Course Description

Overview

Explore automotive security vulnerabilities and hacking techniques in this Black Hat conference talk. Delve into the world of extracting and analyzing automotive firmware efficiently, focusing on an Instrument Cluster as the target. Learn about fault injection techniques, including tooling and glitching methods to bypass security checks and access memory. Discover the process of finding optimal parameters through randomization and understand the challenges of achieving a 100% success rate. Examine static analysis approaches, emulation of CPU architecture, and implementation of peripherals. Gain insights into execution tracing, taint tracking, and the importance of debug interfaces. Discuss electromagnetic fault injection, universal applicability of fault injection techniques, and strategies for hardening ECU hardware, software, and design. Acquire key takeaways on automotive security and the prevalence of glitches in embedded systems.

Syllabus

Intro
Today we target an Instrument Cluster
Let's get our target's firmware!
Quick analysis of our dashboard
Fault Injection - Tooling
What happens when we glitch?
Fault Injection breaks things!
Glitching the Security Access Check Results
Glitching ReadMemoryByAddress Results
Fault Injection demo setup
Finding the right parameters: Randomize
There is a relationship!
Why not a 100% success rate? :'
The Plan
Static analysis?
Tools?
What do we need?
Emulating the CPU architecture
"Implementing" peripherals
How difficult was it?
Why write an emulator?
Execution tracing
Taint tracking
Demo Time!!!
Wrap up!
Debug interfaces
Electromagnetic Fault Injection
Fault Injection is universal
Hardening ECU hardware
Hardening ECU software
Hardening ECU design
Key takeaways
There were glitches... hopefully!;


Taught by

Black Hat

Related Courses

Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security Chip
Black Hat via YouTube
Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube
AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube
Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube
Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube