CAR HACKING VILLAGE - Flash Bootloaders Exposing Automotive ECU updates

113

Cite

DEF CON

Lapczynski, Philip

Formal Metadata

Title

CAR HACKING VILLAGE - Flash Bootloaders Exposing Automotive ECU updates

Title of Series

DEF CON 26

Number of Parts

322

Author

Lapczynski, Philip

License

CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.

Identifiers

10.5446/39853 (DOI)

Publisher

DEF CON

Release Date

2018

Language

English

Content Metadata

Subject Area

Computer Science

Genre

Conference/Talk

Abstract

Unified Diagnostic Services (UDS) provides a powerful interface into vehicle diagnostics. OEMs use these services to update firmware, manipulate calibration data, send and receive information from vehicle ECUs, and now more recently for over the air updates. This talk pulls back the curtain on automotive bootloaders and how poor security design or implementation choices can be used by attackers to exfiltrate firmware or even gain persistent code execution.