Keynotes & Talks
Thomas Sermpinis & Pavel Khunt (V2GEVIL: ghost in the wires)
In this talk, we’ll explore the world of electric vehicle cybersecurity, focusing on charging communication, vulnerabilities in EVCC implementation, and the development of a dedicated security tool. We’ll discuss charging standards, communication protocols, and real-world scenarios to understand the evolving landscape of electric mobility cybersecurity. Additionally, we’ll showcase and discuss the hardware required for connecting to the vehicle charging port.
Willem Melching (My car, My keys: obtaining CAN bus SecOC signing keys)
Secure Onboard Communication (SecOC) is a new standard to add a Message Authentication Code (MAC) to messages on a vehicle’s CAN bus. This prevents ECUs that have no knowledge of a secret AES key to communicate with other parts of the vehicle. However, this prevents the owner of the vehicle to install any third-party devices not sanctioned by the vehicle manufacturer. In this talk we will explain how we broke the SecOC implementation of a 2021 Model Year vehicle by attacking the power steering ECU. We will give a short introduction on SecOC. We will also explain how key management is implemented, and why observing a key update when replacing a part won’t allow extracting the key.
Philippe Biondi (Aircraft Security)
This talk will revolve around aircraft security. And, you guess it, how Scapy is used in the process of making aviation safer.
Dr. Nils Weiss (Past, Present and Future of Automotive Scapy)
Explore Scapy's features and join an interactive discussion on future topics and requirements. Engage with the audience to shape the roadmap for Scapy's development.
Alexander Schröder (You CAN't fuzz this)
Fuzzing is a widely used technique in traditional IT for uncovering numerous vulnerabilities. But how effective is it in testing automotive systems? This presentation explores the possibilities and challenges of applying fuzzing to the CAN bus, the backbone of vehicle communication networks. We will explore how to identify and fuzz ideal targets (and how Scapy can help us), but also discuss the limitations and challenges of fuzzing the CAN bus.
Thomas Faschang (Using Scapy for Cybersecurity Verification in ISO/SAE 21434)
Automotive Original Equipment Manufacturers (OEMs) must comply with UNECE Regulation 155 to achieve vehicle homologation. As a result, OEMs follow the ISO/SAE 21434 standard. Key aspects of this standard include Threat Analysis and Risk Assessment (TARA), Cybersecurity Requirements, and their verification. To verify cybersecurity requirements, the Scapy library offers a powerful toolkit for writing test cases. This presentation provides an overview of the product security workflow in automotive OEMs and explains how Scapy can be integrated into the process.
Francisco Cotrina (Implementing and Testing Layer 2 Firewall Rules with Scapy)
The internal networks used in modern automotive systems are relying on Ethernet protocols, using smart switches. We have learned from IT world that they should be protected on L2 layer, usually via firewall rules. I show how such approach might be easy to understand, but it needs to be accurate, updateable, and loggeable. Testing those rules requires careful and deep implementation, supported by flexible tools such as Scapy.
Falk Mayer (JTAG Enumeration using the RP2040 on the HydraProbe)
In this session, we'll dive into the world of hardware debug ports on automotive components. You've probably heard the advice, "Lock your debug ports," but for many, checking whether JTAG is locked remains a bit of a mystery. We'll walk you through the basics of the JTAG protocol, how to connect to it, and show you how to use the RP2040 co-processor on the Hydravision Probe to adapt your scripts for different microcontrollers.
Jan-Peter von Hunnius (Insights into vehicle security attack vectors)
We look at the current state of vehicle security, highlighting infamous hacks and show where vulnerabilities still exist: From (not so much) secret key material and exploitable diagnostic services to bad encryption schemes and lack of message authentication. An inspiring raid through the open flanks of cybersecurity in (modern) vehicles.
Workshops
IPv6 & TLS Workshop (Guillaume Valadon)
In this hands-on workshop, you will learn how to use Scapy to interact with IPv6 and TLS, discover what these packets look like on the network, and manipulate the corresponding Scapy objects to interact with real implementations. Regarding TLS, you will manipulate X.509 certificates to look for relevant information and modify their contents. You will also learn how to decrypt TLS sessions using keys retrieved from Linux processes. Together we will explore IPv6 security and understand how Scapy can be used to perform practical attacks.
+++ SOLD OUT+++ Advanced Hacking Techniques (Willem Melching & dissecto) +++ SOLD OUT+++
Join experts Willem Melching and dissecto for a hands-on workshop focused on advanced ECU hacking techniques. Ideal for security professionals, automotive engineers, and enthusiasts, this workshop provides practical experience with real-world ECUs, firmware reverse engineering, and vulnerability identification.
Beginner Hacking Techniques / HydraVision (dissecto)
Join us for an intensive workshop on vehicle network security, featuring hands-on exercises in CAN-Bus attacks, ECU reverse engineering, and vulnerability scanning with Python. Gain insights into UDS protocols, OEM specifics, and automated security testing using HydraVision.
Evening Event
Join us for an evening at Degginger Regensburg! Enjoy free drinks and food, featuring delicious local Bavarian cuisine. It’s a perfect opportunity to relax, socialize, and savor great flavors.
About Scapy
Scapy, a Python program, revolutionizes network packet manipulation by offering extensive capabilities including packet sending, sniffing, dissecting, and forging. This multifaceted tool empowers users to construct bespoke solutions for network probing, scanning, and security testing. Unlike conventional networking tools, Scapy boasts an interactive interface enabling users to craft, decode, and interpret packets with unparalleled flexibility. Its domain-specific language simplifies packet description and manipulation, epitomized by its ability to describe packets in just a few lines of code. Scapy’s unique approach diverges from traditional tools by providing raw, uninterpreted data, facilitating nuanced analysis and eliminating biases inherent in interpreted results.
With Scapy, users harness complete control over packet construction and analysis, elevating network exploration and security testing to new heights of precision and customization.