Under Pressure: Real World Damage With TPMS Spoofing - DefCamp - 2019

Explore a conference talk from DefCamp 2019 that delves into the real-world implications of TPMS (Tire Pressure Monitoring System) spoofing. Learn about the vulnerabilities in TPMS technology, attack scenarios, and the research process behind identifying and exploiting these weaknesses. Discover the technical aspects of TPMS signals, including baseband analysis, Manchester encoding, and tire ID parsing. Examine practical experiments demonstrating low tire pressure and vehicle spoofing, along with the challenges faced during the research. Discuss the responsibilities of manufacturers, potential mitigation strategies, and the broader implications for autonomous driving. Gain insights into the learning process from failures and the importance of scale in automotive security. Engage with thought-provoking questions about the Barbra Streisand Effect, spoofing in parking lots, and manufacturers' priorities in addressing these security concerns.

Introduction
What is TPMS
Attack scenario
Status report
First signal
Second signal
Research
FCC ID
Baseband
Receiver
Statistical Analysis
Manchester Encoding
Tire ID
Parse
Receiving signals
Proofing signals
Experiment
Low Tire Pressure
Vehicle Spoofing
Backend Setup
Challenges
Responsibility
Encryption
How to mitigate
The message
The challenge accepted
How the world works
Scale matters
Learning from failure
Questions
Barbra Streisand Effect
Spoofing in Parking Lot
Implications on Autonomous Driving
Whats more important to car manufacturers