Talks & Presentations

30.10.2019 - Meetup - Autonomous Vehicle Safety & Security

If you want to come Please register under this link
we have limited places
https://www.meetup.com/de-DE/Autonomous-Vehicle-Safety-Security/events/264891448/

In the 21st century the automotive industry is facing three unprecedented disruptions: 1) connected cars, 2) electrification of cars and 3) driverless cars. All these three disruptions, especially autonomous vehicles come with safety & security challenges that are also unprecedented in the history of the automotive industry. As far as safety is concerned the current industry-standard ISO 26262 does not address autonomous driving and puts a lot of responsibility on the human driver. To cover such, gap the industry is coming up with a new standard called SOTIF (Safety of the Intended Functionalities). Moreover, since the vehicles will be connected to the internet we will have security changes that can even have safety consequences. The industry standard for security that is supposed to be published by the end of 2019 or beginning 2020, ISO 21434, also does not address autonomous driving. Clearly, the automotive industry needs to work on these issues and need new guidelines and standards. The mission of our meetup group is to start a dialog and understand where the industry is going.

Mehr erfahren

Meetup - Autonomous Vehicle Safety & Security

If you want to come Please register under this link
we have limited places
https://www.meetup.com/de-DE/Autonomous-Vehicle-Safety-Security/events/262385867/

The event will be streamed live and recorded.

Live Stream: http://bit.ly/MatrickzTV-LIVE-31-07-19
Last Meetup: https://www.youtube.com/watch?v=4sUVdCNsfW8
Our Car Hacking Video: https://www.youtube.com/watch?v=4EVualAhHMc

Autonomous Vehicle Safety & Security Meetup, Munich
31 July 2019, Jointly organized by Matrickz GmbH

In the 21st century the automotive industry is facing three unprecedented disruptions: 1) connected cars, 2) electrification of cars and 3) driverless cars. All these three disruptions, especially autonomous vehicles come with safety & security challenges that are also unprecedented in the history of the automotive industry. As far as safety is concerned the current industry standard ISO 26262 does not address autonomous driving and puts a lot of responsibility on the human driver. To cover such, gap the industry is coming up with a new standard called SOTIF (Safety of the Intended Functionalities). Moreover, since the vehicles will be connected to the internet we will have security changes that can even have safety consequences. The industry standard for security that is supposed to be published by the end of 2019 or beginning 2020, ISO 21434, also does not address autonomous driving. Clearly, the automotive industry needs to work on these issues and need new guidelines and standards. The mission of our meetup group is to start a dialog and understand where the industry is going.
In this episode of the podcast, we have guests from academia and also from the leading Tier-1 and OEMs.

Mehr erfahren

Designing safe and secure autopilots for the urban environment

Speaker: Dr. Hasan I. Akram
Event: System Safety and Cyber Security 2016
SSCS is the largest conference for system safety specialists held in the UK; and the only conference where both safety and security engineers from around the world can meet and share ideas, new research and network.

Mehr erfahren

The Interdependency of Functional Safety and Security

Speaker: Dr. Hasan I. Akram
Event: Functional Safety meets ADAS, 2017

Mehr erfahren

Exhibitions

Safety meets Security 2019

Stuttgart

Organizer: Hanser

Mehr erfahren

safetronic.2019

Stuttgart

Organizer: Hanser

Mehr erfahren

Forum Safety & Security 2017

Organizer: WEKA Fachmedien

Mehr erfahren

Safety meets Security 2017

Stuttgart-Nürtingen

Organizer: Hanser

Mehr erfahren

Publications

Security Testing over Encrypted Channels on the ARM Platform. In Proceedings of the 12th International Conference on Internet Monitoring and Protection (ICIMP 2017), 2017 Kilic, Fatih, Benedikt Geßele, and Hasan Ibne Akram

Abstract: Security Testing has been applied for many years to detect vulnerabilities in applications. With the increasing demand for encryption to protect the confidentiality of network data, the requirements have changed. When proprietary, closed source software uses end-to-end encryption, security testing tools which are fuzzing the application layer over network with plaintext data will eventually fail. The Intrusion Detection Framework for Encrypted Network Data (iDeFEND) framework circumvents this problem without violating the security of the end-to-end encryption. Unfortunately, the framework cannot be used on the Advanced RISC Machines (ARM) platform, since it uses architecture depended features of x86. In this paper, we transfer iDeFEND to the ARM architecture and thereby, make it suitable for testing applications on embedded devices. In addition, we discuss the limitations of the current framework and improve it with novel methods to provide a more generic approach for security testing. We present a generic method for inspecting data on encrypted channels. Our approach does not require any knowledge of the structure of the wrapper function for receiving and decrypting like iDeFEND. Furthermore, we present a solution to test and inspect applications that are using packet queues. Finally, we evaluate our approach on popular mobile applications.

Mehr erfahren

Security-Architektur zum Schutz vor Cyber-Attacken, Hanser Automotive, October 2016 Norton, Stephen, Hasan Ibne Akram and Wolfgang Mickisch

Abstract: Selbst bei einem streng nach ISO 26262 entwickelten Autopiloten können Cyber-Attacken die Sicherheitsmechanismen wieder aushebeln. Ein hinreichend schneller Aufbau von Schutzmaßnahmen erfordert dringend eine möglichst rasche industrieweite Standardisierung von Security-Anforderungen und Schnittstellen. Dazu wird von den Autoren ein pragmatisches, aber dennoch effektives Konzept mit einer 2-Schichten-Architektur vorgeschlagen.

Mehr erfahren

Designing safe and secure autopilots for the urban environment, 11th International Conference on System Safety and Cyber-Security (SSCS 2016), London, 2016, pp. 1-6. Norton, Stephen and Hasan Ibne Akram

Abstract: This paper analyses safety and security risks posed by the introduction of autopilot functions for road vehicles. Drawing on lessons learned from the aviation industry, the authors make the case for standardising the behaviour and interfaces of advanced driver assistance systems. This paper proposes a modular functional architecture to support both iterative development and an iterative increase in security sophistication. The authors define security goals for their modular architecture based on their analysis of the threat and propose a pragmatic approach to achieve these security goals.

Mehr erfahren