fs form La
ation a pour
but de form
des er cia spé
tes lis n inf e
ormat de ique
veau ni + 5 Bac
qui
ent soi u fa a
des it derni
s t ère echnol
ogies n m e
re de atiè ystè s
em me barqué
obile m t s s e
ûrs
prena com nt :
Langa • ges de
program ion pour l mat
barqué ’em ava : J
, C, C++
,…
Pla • orme d’e tef
xécut : J ion
M ava ava E, J
Card , Androi
d, iO SE S, O
K, …
Réseau • obile x m
s, ré ux sea
apt de c ; eurs
Pla • ormes tef
barqué em es de
conf e : c ianc
es à art puce, T
, TE PM E,…
Tec • hnologi
pour la es ise m
n pl e d’a ace
pplic ation
urisé séc crypt e (
ographi séc e,
urité
orm inf atique
, déte ction d’i
ntrus ion, …
) !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!! tri .indus ww //w tp: ht
1P. Paradinas - 2013
!
!
!
er Mast
MS : és SE qu bar Em es èm Syst
ile Mob
rs qu ati s Sû rm nfo t I men rte Dépa CNAM –
e ITI e S Écol Sel
on pl urs usie
étude les s
ystè s e mes
rqués mba un sont
domai des des nes
Nouve s lle
hnologi Tec de l es
’Inform ation de l et
a Com cat muni
les ion us a pl s e ctif
rme n te réat de c
ion
ploi d’em t de s e géné ration de vale
ur pour l ntre es e prise u tra s a d’appl vers
tions ica innova . ntes
e l Comm ouligne e s « le
rappor otie t P
1 r les », ystè s e mes
rqués mba e l ne s
ite im nt pa u s a
domai ne de ystè s s
te mes ré mps
cri el tique s lié ux app s a
ations lic ass cl
s du ique nsport tra
ou et/
du cont
rôle-mande com exi . Il
aus ste de trè si
s nom breux
res aut domai
qui e nes rquent mba
du
éri mat t du el e cie logi
ompl l c à exe
ise réal r en résol le vant
ontra s c es int
es fort de pri x, sé té, curi
bilit fia efficacité é,
et de lit qua
se é de rvice fert s of
omm s c les e :
art c à puc es la e,
éphoni tél e
le, mobi gest la
des ion meubl im
la es, ion gest
éne des rgies , l’i lige ntel
am nce biant t l e e
es
ica appl tions tourné es ve
rs la pers
onne. Inf ent em part le dé et M CNA Le
ormat de ique
’écol l SIT e
Sci I ( e enc
Industri e elle
t
hnologi Tec de l es
ormat ’Inf ion) ont m
en is e l plac
Mas e SEM ter
Sys S : s Emb tème
és arqu
ile Mob t S s e pe ûrs
tant rmet pré de
r le pare tudi s é
s a ant étie ux m
rs du veloppe dé
de ment
tèm sys em es
barqué obile s m
ûrs. à s s ocié ass st S e EM -S Le Master
col l’E tiona e na
supé le rieure nform d’i
atique pour ndustri l’i
t e e
ntre l’e prise l’E , à
e Ce col le ntra
d’éle ctroni que de
ari P l'Ins s, ut S tit
upérie ur d' ctroni Ele
que de
s s Pari ous f orme bilit d’ha
ation pour l’E
E ( NSIE http:
ww //w iie .ens
.fr) de c et
onvent pour ion
CE (ht l’E //e tp:
r) e ce.f ISE t l' http: P (
ww //w p.fr/ .ise
). s de ant tudi s é à de té priori en stiné de est er ast Ce M
veau ni ter mas
ormat inf ( ique
maste 1 r M
n d ou e ièr ern
née e an 'éc d d'in ole
eu géni ), a r un yant
goût prononc é pour
a les pplic ations
les mobi barqué , em
es dé veloppé
es de mani
séc ère urisé t s e e ûre.
cti Obje
fs form La
ation a pour but de
form des er
cia spé tes lis n inf e ormat
de ique veau ni + 5 Bac
qui
ent soi u fa a des it
derni s t ère
echnol ogies
n m e re de atiè
ystè s em me
barqué obile m
t s s e ûrs
prena com nt :
Langa • ges de
program ion pour l mat
barqué ’em ava : J
, C, C++
,…
Pla • orme d’e tef xécut
: J ion M ava
ava E, J Card , Androi d, iO
SE S, O K, …
Réseau • obile x m
s, ré ux sea
apt de c ; eurs
Pla • ormes tef barqué em
es de conf e : c ianc
es à art puce, T
, TE PM E,…
Tec • hnologi
pour la es ise m
n pl e d’a ace
pplic ation urisé séc
crypt e ( ographi
séc e, urité
orm inf atique , déte
ction d’i ntrus
ion, …
) !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!! e.gouv. tri .indus ww //w tp: ht 1
logi fr/
l-em cie que/ bar
!
Automotive
More and more ECU in a car
A CAN bus (Controller Area Network)
47
Low-Speed High-Speed
Component Functionality Comm. Bus Comm. Bus
ECM Engine Control Module
Controls the engine using information from sensors to determine the amount of fuel, ignition timing, and other engine parameters.
X
EBCM Electronic Brake Control Module
Controls the Antilock Brake System (ABS) pump motor and valves, prevent-ing brakes from lockprevent-ing up and skiddprevent-ing by regulatprevent-ing hydraulic pressure.
X
TCM Transmission Control Module
Controls electronic transmission using data from sensors and from the ECM to determine when and how to change gears.
X
BCM Body Control Module
Controls various vehicle functions, provides information to occupants, and acts as a firewall between the two subnets.
X X
Telematics Telematics Module
Enables remote data communication with the vehicle via cellular link. X X RCDLR Remote Control Door Lock Receiver
Receives the signal from the car’s key fob to lock/unlock the doors and the trunk. It also receives data wirelessly from the Tire Pressure Monitoring System sensors.
X
HVAC Heating, Ventilation, Air Conditioning
Controls cabin environment. X
SDM Inflatable Restraint Sensing and Diagnostic Module
Controls airbags and seat belt pretensioners. X
IPC/DIC Instrument Panel Cluster/Driver Information Center
Displays information to the driver about speed, fuel level, and various alerts about the car’s status.
X
Radio Radio
In addition to regular radio functions, funnels and generates most of the in-cabin sounds (beeps, buzzes, chimes).
X
TDM Theft Deterrent Module
Prevents vehicle from starting without a legitimate key. X
Table I. Key Electronic Control Units (ECUs) within our cars, their roles, and which CAN buses they are on.
The CARSHARK Tool. To facilitate our experimental analysis, we wrote CARSHARK— a custom CAN bus ana-lyzer and packet injection tool (see Figure 4). While there exist commercially available CAN sniffers, none were ap-propriate for our use. First, we needed the ability to process and manipulate our vendor’s proprietary extensions to the CAN protocol. Second, while we could have performed limited testing using a commercial CAN sniffer coupled with a manufacturer-specific diagnostic service tool, this combination still doesn’t offer the flexibility to support our full range of attack explorations, including reading out ECU memory, loading custom code into ECUs, or generating fuzz-testing packets over the CAN interface.
IV. INTRA-VEHICLENETWORKSECURITY
A. CAN Bus
There are a variety of protocols that can be implemented on the vehicle bus, but starting in 2008 all cars sold in the U.S. are required to implement the Controller Area Network (CAN) bus (ISO 11898 [17]) for diagnostics. As a result, CAN — roughly speaking, a link-layer data protocol — has become the dominant communication network for in-car networks (e.g., used by BMW, Ford, GM, Honda, and Volkswagen).
A CAN packet (shown in Figure 5) does not include addresses in the traditional sense and instead supports a publish-and-subscribe communications model. The CAN ID header is used to indicate the packet type, and each packet is both physically and logically broadcast to all nodes, which then decide for themselves whether to process the
?
Security/safety
Part of the bus is dedicated to critic systems
Part of the bus is dedicated infotainement systems New scenario is:
The control is taken by external entity on the car Control may be used to corrupt car function
Security issues on the CAN bus Broadcast Nature
Fragility to DoS
No Authenticator Fields Weak Access Control
Other domains
Airplane
DO178B & DO178C
& ARINC 653
…
Smart grid and privacy
Your electric consumption is related to what TV program you watch !s
Bibliograhy
Books:
Computer Security - Art and Science, Matt Bishop, Addison Wesley, 2003 Security Engineering, Ross Anderson, Addison Wesley
Cryptography and Data Security - Addison Wesley, Dorothy Denning, 1982
Available on the web
Web
http://www.schneier.com/
http://www.autosec.org Rapport Pottier