- Securing Santas Sleigh - INET XMAS Presentation 2018 by Timo - - PowerPoint PPT Presentation

securing santa s sleigh
SMART_READER_LITE
LIVE PREVIEW

- Securing Santas Sleigh - INET XMAS Presentation 2018 by Timo - - PowerPoint PPT Presentation

Nov 30, 2023 34 likes •347 views

- Securing Santas Sleigh - INET XMAS Presentation 2018 by Timo Hckel - Securing Santas Sleigh - INET XMAS Presentation 2018 by Timo Hckel Overview 1. Automotive Networks 2. SecVI Research Project 3. Software-Defined Networking

slide-1
SLIDE 1
  • Securing Santa‘s Sleigh -

INET XMAS Presentation 2018 by Timo Häckel

slide-2
SLIDE 2
  • Securing Santa‘s Sleigh -

INET XMAS Presentation 2018 by Timo Häckel

slide-3
SLIDE 3

Overview

  • 1. Automotive Networks
  • 2. SecVI Research Project
  • 3. Software-Defined Networking (SDN)
  • 4. Time-Sensitive Software-Defined Networking (TSSDN)
  • 5. Current State and Outlook
  • 6. Party

INET XMAS Presentation 11.12.2018 by Timo Häckel

  • Securing Santa‘s Sleigh -
slide-4
SLIDE 4
  • 1. Automotive Networks

INET XMAS Presentation 11.12.2018 by Timo Häckel

  • Securing Santa‘s Sleigh -
  • Electronic Control Units (ECU’s)
  • About 100 ECU’s in Premium Vehicles
  • Different Strength
  • Different Transmission Media
  • Bus Technologies (CAN, LIN, FlexRay, etc.)
  • Point-to-Point Connections (Ethernet)
  • Cross-Communication for Advanced Functions
  • Step-by-Step to Ethernet
slide-5
SLIDE 5
  • 1. Automotive Networks

INET XMAS Presentation 11.12.2018 by Timo Häckel

  • Securing Santa‘s Sleigh -
  • Advantages of Ethernet
  • Simple and Efficient Communication Architecture
  • Availability of the Technology
  • High Bandwidth
  • But: No Real-Time Guarantees
  • Real-Time Extensions to Ethernet
  • Time-Triggered Ethernet (TTE - AS6802)
  • Audio Video Bridging (AVB - 802.1QBA)
  • Time-Sensitive Networking (TSN - 802.1Q)
slide-6
SLIDE 6
  • 1. Automotive Networks

INET XMAS Presentation 11.12.2018 by Timo Häckel

  • Securing Santa‘s Sleigh -
  • Opening the Network to the Outside
  • Radio Communication
  • Cloud Connection
  • Car-to-X Communication
  • Current vehicles are vulnerable!

https://www.youtube.com/watch?v=RZVYTJarPFs

slide-7
SLIDE 7

INET XMAS Presentation 11.12.2018 by Timo Häckel

  • Securing Santa‘s Sleigh -
slide-8
SLIDE 8

INET XMAS Presentation 11.12.2018 by Timo Häckel

  • Securing Santa‘s Sleigh -
slide-9
SLIDE 9

Security for Vehicular Information 04/2018 - 03/2021

  • 2. SecVI Research Project

INET XMAS Presentation 11.12.2018 by Timo Häckel

  • Securing Santa‘s Sleigh -
slide-10
SLIDE 10
  • 2. SecVI Research Project

INET XMAS Presentation 11.12.2018 by Timo Häckel

  • Securing Santa‘s Sleigh -

Infotainment:

  • Bluetooth
  • WiFi
  • Radio
  • USB
  • CD

Keyless Entry OBD-II TPMS Car-To-X Internet Connection

  • Attack Surface

Hardware Access

slide-11
SLIDE 11
  • 2. SecVI Research Project

INET XMAS Presentation 11.12.2018 by Timo Häckel

  • Securing Santa‘s Sleigh -
  • Goal: Creating a Robust, Secure and Updatable

Communication Architecture

  • Building Blocks
  • Security Defense Center (Backend)
  • Secure Gateways (Firewalls)
  • Secure Networking (SDN + Anomaly Detection)
  • Secure Communication (Encryption, etc. )
  • Secure Boot
  • Secure Update
slide-12
SLIDE 12
  • 3. Software-Defined Networking

INET XMAS Presentation 11.12.2018 by Timo Häckel

  • Securing Santa‘s Sleigh -
slide-13
SLIDE 13
  • 3. Software-Defined Networking

INET XMAS Presentation 11.12.2018 by Timo Häckel

  • Securing Santa‘s Sleigh -
slide-14
SLIDE 14
  • 3. Software-Defined Networking

INET XMAS Presentation 11.12.2018 by Timo Häckel

  • Securing Santa‘s Sleigh -
slide-15
SLIDE 15
  • 3. Software-Defined Networking

INET XMAS Presentation 11.12.2018 by Timo Häckel

  • Securing Santa‘s Sleigh -
slide-16
SLIDE 16
  • 3. Software-Defined Networking

INET XMAS Presentation 11.12.2018 by Timo Häckel

  • Securing Santa‘s Sleigh -
slide-17
SLIDE 17
  • 3. Software-Defined Networking

INET XMAS Presentation 11.12.2018 by Timo Häckel

  • Securing Santa‘s Sleigh -
slide-18
SLIDE 18
  • 3. Software-Defined Networking

INET XMAS Presentation 11.12.2018 by Timo Häckel

  • Securing Santa‘s Sleigh -
slide-19
SLIDE 19
  • 3. Software-Defined Networking

INET XMAS Presentation 11.12.2018 by Timo Häckel

  • Securing Santa‘s Sleigh -

ABS Controller BL Break

slide-20
SLIDE 20
  • 3. Software-Defined Networking

INET XMAS Presentation 11.12.2018 by Timo Häckel

  • Securing Santa‘s Sleigh -

Attacker BL Break

slide-21
SLIDE 21
  • 3. Software-Defined Networking
  • Advantages:
  • 1. Vendor Neutral Centralized Network Logic
  • 2. Global Network Knowledge
  • 3. Robustness
  • 4. Security Applications
  • But: We need to avoid the single point of failure.

INET XMAS Presentation 11.12.2018 by Timo Häckel

  • Securing Santa‘s Sleigh -
slide-22
SLIDE 22
  • 4. Time-Sensitive Software-Defined Networking

INET XMAS Presentation 11.12.2018 by Timo Häckel

  • Securing Santa‘s Sleigh -
  • Goal:
  • Make TSN Controllable by an SDN Controller
  • Make SDN Real-Time Capable and TSN Compatible
  • Steps:
  • Combine the Switch Architecture
  • Extract the TSN Control Logic
  • Extend OpenFlow to Allow Real-Time Flows
slide-23
SLIDE 23
  • 4. Time-Sensitive Software-Defined Networking

INET XMAS Presentation 11.12.2018 by Timo Häckel

  • Securing Santa‘s Sleigh -

Ingress Port Egress Ports MAC-based Forwarding MAC Table

slide-24
SLIDE 24
  • 4. Time-Sensitive Software-Defined Networking

INET XMAS Presentation 11.12.2018 by Timo Häckel

Ingress Port Egress Ports MAC-based Forwarding MAC Table Per-Stream Filtering and Policing Enhancements for Scheduled Traffic SR Table Schedule Time Sync

  • Securing Santa‘s Sleigh -
slide-25
SLIDE 25

Forwarding Plane

  • 4. Time-Sensitive Software-Defined Networking

INET XMAS Presentation 11.12.2018 by Timo Häckel

Ingress Port Egress Ports MAC-based Forwarding MAC Table

  • Securing Santa‘s Sleigh -
slide-26
SLIDE 26

Forwarding Plane

  • 4. Time-Sensitive Software-Defined Networking

INET XMAS Presentation 11.12.2018 by Timo Häckel

Ingress Port Egress Ports Flow-based Forwarding Flow Table

  • Securing Santa‘s Sleigh -
slide-27
SLIDE 27

Management Plane Control Plane Forwarding Plane

  • 4. Time-Sensitive Software-Defined Networking

INET XMAS Presentation 11.12.2018 by Timo Häckel

Ingress Port Egress Ports Flow-based Forwarding Flow Table Network Applications SDN Controller

Open Southbound API Open Northbound API

  • Securing Santa‘s Sleigh -
slide-28
SLIDE 28

Management Plane Control Plane Forwarding Plane

  • 4. Time-Sensitive Software-Defined Networking

INET XMAS Presentation 11.12.2018 by Timo Häckel

Ingress Port Egress Ports Flow-based Forwarding Flow Table Network Applications SDN Controller

Open northbound API Open southbound API

Per-Stream Filtering and Policing Enhancements for Scheduled Traffic

SR Table Schedule

Time Sync

  • Securing Santa‘s Sleigh -
slide-29
SLIDE 29
  • 5. Current State and Outlook
  • Currently
  • Implementing Time-Sensitive Software Defined Networking
  • Exploring SDN Hardware and Openflow Simulation
  • Exploring Automotive Network Security, Attacks and Countermeasures
  • Future
  • Introducing SDN to our Demonstration Vehicle
  • Implement Whitelists for Known C-Matrix of a Vehicle
  • Let the CCC try to hack the demo vehicle

INET XMAS Presentation 11.12.2018 by Timo Häckel

  • Securing Santa‘s Sleigh -
slide-30
SLIDE 30
  • 6. Any Questions?

INET XMAS Presentation 11.12.2018 by Timo Häckel

  • Securing Santa‘s Sleigh -
slide-31
SLIDE 31

XMAS Party