Opening Keynote: Under the Hood – The Automotive Challenge
In an average 5-year old car, there are about 30 different computers on board. In an average new car there’s double than that, and in some cases – up to a 100. That’s a network the size of what a SMB would have, only there’s no CIO/CISO, and not even a part-time IT guy. We have no idea what’s going on under the hood. To add to the complexity, there are between 2 and 5 different bus types in a modern car. With different protocols and even different wiring, a modern car’s network diagram is a CISO’s nightmare.
There are many challenges in the Automotive domain. From strict development regulations, through very long development cycles, to very little security by design in vehicles currently on the road – working in this domain is challenging, to say the least. But unlike almost anywhere else, this time the defense might actually have a standing chance.
In this talk, we will share our experience in the Automotive domain. We will explain the complexity of the playing field, share examples of the problems we’ve encountered, and talk about the challenges involved.
About Inbar Raz
Inbar has been teaching and lecturing about Internet Security and Reverse Engineering for nearly as long as he’s been doing that himself: Programming at the age of 9 and Reverse Engineering at the age of 14. Inbar specializes in outside-the-box approach to analyzing security and finding vulnerabilities, and the only reason he’s not in jail right now is because he chose the right side of the law at an earlier age. Inbar is an international public speaker, and has worked in the IDF, at Check Point and at PerimeterX. Today he is a Security Architect at Argus Cyber Security, the global leader in automotive cyber security.
Closing Keynote: Betraying the BIOS: Where are the limits of AV for modern UEFI Firmware?
For UEFI firmware, the barbarians are at the gate — and the gate is open. On the one hand, well-intentioned researchers are increasingly active in the UEFI security space; on the other hand, so are attackers. Information about UEFI implants — by HackingTeam and state-sponsored actors alike — hints at the magnitude of the problem, but are these isolated incidents, or are they indicative of a more dire lapse in security? Just how breachable is the BIOS? In this presentation, I’ll explain UEFI security from the competing perspectives of attacker and defender. I’ll cover topics including how hardware vendors have left SMM and SPI flash memory wide open to rootkits; how UEFI rootkits work, how technologies such as Intel Boot Guard and BIOS Guard (and the separate Authenticated Code Module CPU) aim to kill them; and weaknesses in these protective technologies. There are few public details; most of this information has been extracted by reverse engineering.
About Alex Matrosov
Alex Matrosov is leading embedded security at NVIDIA. He has over two decades of experience with reverse engineering, advanced malware analysis, firmware security, and exploitation techniques. Before joining NVIDIA, Alex served as Principal Security Researcher at Intel Security Center of Excellence (SeCoE) where he lead BIOS security. Before this role, Alex spent over six years at Intel Advanced Threat Research team and at ESET as Senior Security Researcher. He is also author and co-author of numerous research papers and the book “Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats”. Alex is frequently invited to speak at security conferences, such as REcon, Zeronights, Black Hat, DEFCON and many others. Also, he is awarded by Hex-Rays for open-source plugin HexRaysCodeXplorer which is developed and supported since 2013 by REhint’s team.