What's escar Asia

Automakers around the world face a pressing need for security measures. They are unlikely to be able to meet this need without massive changes to automotive development processes and structures. What are needed are new initiatives to build positive relations with hackers. Development of self-driving technologies has been accompanied by a movement toward demanding use of over-the-air software upgrades and intrusion detection systems (IDS). Security measures are undergoing rapid progress. Failure to ascertain the latest information could be fatal.

The Embedded Security in Cars Conference (escar) is an international symposium on information security focusing on the automotive field. It has been held in Europe for more than 10 years. Security engineers from around the world gather at escar to present and discuss the latest information in the field. The Asian version of the conference, escar Asia, was held first in Japan in 2014. escar Asia will be haled for the fourth time on September 5-6, 2017. It provides an opportunity to hear detailed explanations from the world’s foremost authorities on the latest trends in this field that is progressing at a bewildering pace around the world.

Outline

Title escar Asia 2017
World leading automotive security conference
Dates September 5 to 6, 2017
Time 10:00-17:00 (open:9:30)
*Reception will be held after the 5th lecture.
Venue Hotel Gajoen Tokyo, Japan MAP ↗
Language English / Japanese *Simultaneous interpretation is attached
Organizer Nikkei Automotive
Co-Organizer ESCRYPT, ETAS, ISITS (alphabetical order)
Sponsorship ETAS, Infineon Technologies Japan, Harman, Irdeto, Nihon Synopsys,
PwC Consulting, Riscure, Toppan Printing, Trillium

Program

  • *There is a possibility to change the program.
First day ― Sep. 5 10:00 - 17:25 <open 9:30>
10:00 - 10:55
Significance of Cybersecurity toward the realization of automated driving

Research and development on the practical application of automated driving for automobiles has been advancing at a rapid pace across the world. We are now moving from the research phase to the phase in which these systems are being verified on actual roads. Automated driving systems are perceived as one element of the Internet of Things (IoT). These are systems that take advantage of all data. However, there are concerns that these systems could be hijacked and their data could be altered due to a cyber attack with this then leading to an unforeseen situation occurring. It is very important to change our way of thinking about cyber security and to take countermeasures against this.
Automated driving system verification tests are actively being carried out around the world. However, challenges have also emerged through these tests. What are the challenges that have emerged in these verification tests and what are the possibilities for solutions to them? They will surely contribute to a safe and secure automotive society in the future. This conference will consider the necessity of cyber security on automated driving systems.

William H. Saito

Cabinet Office Government of Japan
Special Advisor
William H. Saito

11:00 - 11:55
Jaspar's Approach for Automotive Security
Hiroshi Hashimoto

JASPAR/Honda
Hiroshi Hashimoto

12:00 - 13:00

Lunch

Luncheon Seminar (12:10 - 12:40)

* We serve lunch box to those who will listen to the sponsored lecture.

Connected-car with cyber-attack resistance

Connected cars become popular in recent years, and a large number of cyber attacks that exploit vulnerabilities are reported. Under the circumstances, OEMs and suppliers are required to establish the organization and processes to ensure connected cars’ quality of security.
In this presentation, we will introduce following needs to ensure quality of security in these.
 - Secure process development from concept phase to development and disposal phase
 - Evaluation of cyber-attack resistance using penetration test

Satoru Oshiro

PwC Consulting LLC
Satoru Oshiro

13:00 - 13:55
Practical Attacks on CAN Message Authentication

Injecting malicious CAN messages is a common attack method against vehicles, either through a compromised ECU or through an external interface. Other attack methods involve manipulating legitimate messages and replaying older messages. One possible solution which was introduced is to add authentication to CAN messages, often implemented by adding some sort of cryptographic protection, hereafter CAN Message Authentication. While the use of message authentication on CAN assists the overall security and considered a good practice, some of the implementation restrictions are often overlooked – restrictions which allow for practical attacks to either abuse the usage of message authentication or circumvent the protection altogether. In the presented study, we will explain the common implementation of message authentication on CAN, inherent restrictions and also demonstrate practical attacks which we have conducted on actual CAN message authentication mechanisms.

Yuval Weisglass

Harman (TowerSEC)
Vice President, R&D, Automotive Cyber Security
Yuval Weisglass

14:00 - 14:55
Secure CAN Communication by using Frame Counter Approach

Controller Area Network or CAN is a network used most widely in a modern vehicle consisting of multiple microcontrollers that need to communicate with each other.  However, CAN was introduced in the eighties for vehicles being developed in the last century, when tampering a car required physical access.  That explains partly, why so far no security measures have been adapted to safeguard CAN network from any potential attack.  As increasing numbers of vehicles are being connected to the cloud, the exposure risk of safety-critical systems rises significantly.  A good example can be seen from the “Jeep Hack” that was performed by security researcher “Charlie Miller and Chris Valasek”, where they were able to seize control of the car by sending unauthorized messages on the CAN bus.
Due to this and similar attacks, the automotive industry is seeking after  efficient protection mechanism for  the various CAN buses within the car. Numerous researches have been done in the area of secure CAN bus communication by using standard algorithm such as CMAC (Cipher-based Message Authentication Code) and symmetric key algorithm like AES-128 (128-bit Advanced Encryption Standard).  In addition, the concept of count value has been introduced by AUTOSAR SecOC (Secure On-board Communication) module to prevent replay attacks by attackers on the CAN bus.
However, the synchronization of the CAN bus communication session in the car remains an important and challenging topic, that needs to be examined in greater detail.  In our talk, we will take a closer look into the freshness and synchronization mechanisms for secure CAN bus communication.  In addition, we will propose a method for synchronization of the various ECUs using the “frame-counter” approach.  And we will explain why this method is more efficient to meet automotive requirements with less complexity and communication payload overhead.  Last but not least, we will share the results of the feasibility study we did by using three application boards together with an associated software package.

Gui Kok Cheng

Infineon Technologies
System Application Engineer
Gui Kok Cheng

14:55 - 15:50

Break

Coffee Break Seminar (15:10 - 15:40)

* We will provide coffee and sweets to people listening to the sponsored lecture.

Chris Clark

Synopsys, Inc.
Software Integrity Group
Principle Security Engineer of Strategic Initiatives
Chris Clark

15:50 - 16:35
Automotive Intrusion Detection and Prevention System (IDPS) - Continuous Protection as part of the Automotive Security Lifecycle

At the very latest by the time of the first NHTSA recall of millions of vehicles due to security vulnerabilities in 2015, there could no longer be any doubt as to the importance of IT security (hereafter automotive security) for modern connected vehicles. OEMs and their suppliers already invest an impressive amount of resources and collaborate with security experts to ensure that vehicles are sufficiently secure at time of production. However, until recently, the operational phase of the vehicles was somehow a blind spot. I.e. new attacks, which appeared during vehicle lifetime, could not be identified and while the connected fleet somehow forms a distributed IT-system, no endeavors have been undertaken to detect potential intrusions, in terms of security attacks. Within the presentation, a continuous protection strategy is described that employs protective measures both to reduce vulnerabilities in advance and to detect and avert (new) attacks during ongoing operations. Part of this continuous protection strategy is an automotive Intrusion Detection and Prevention system (IDPS). An In-Vehicle IDPS Software, which can be executed on deeply embedded ECUs, monitors the in-vehicle communication and reports anomalies, i.e. potential attacks, to a Cybersecurity backend. Security experts are thus able to observe emerging attack trends and assess the vehicle fleet cybersecurity welfare. Based on this information, ongoing attacks can be revealed and the respective vulnerabilities can be identified to remedy the attacks by distribution of security updates to all (connected) vehicles, hopefully way before the attack propagates to the whole fleet. A holistic automotive security approach needs to cover the security for the complete vehicle, i.e. all technical layers, the security in corporate processes and functions and finally also the security for the entire vehicle life cycle. Thus, a holistic automotive security approach requires continuous protection, which itself requires and automotive IDPS.

Jan Holle

Escrypt
Product Manager
Jan Holle

16:40 - 17:25
“Light Weight" Defends Cars “New Concept"
Hirotaka Sakajiri
Blue Planet-works
Senior Vice President - Technology and Product
Hirotaka Sakajiri

17:40 - 18:40

Social gathering *Maximum extension 19:00

Second day ― Sep. 6 10:00 - 17:00 <open 9:30>
10:00 - 10:55
Vehicle security from the OEM perspective: The challenges of establishing and maintaining a common security baseline

Developing a secure ECU is a cooperative effort by the OEM and the supplier. However, communication problems and differing expectations can have a substantial impact on the final product. These problems can undermine even the most complete security engineering process and lead to an incomplete or faulty implementation of the intended security concepts. Based on the experiences of an OEM’s vehicle security engineer we present a set of best practices to consider for both the OEM and the supplier for both writing and understanding requirements and for communication during the actual development. Furthermore we provide an overview of VW’s effort to standardize security requirements across the whole Volkswagen group.

Alexander Tschache

Volkswagen
vehicle security engineer
Alexander Tschache

11:00 - 11:55
Building Korea's V2X environment security infrastructure

Connected cars that enable two-way communication through the convergence of car and IT technology are emerging and Inter-vehicle communication technology is rapidly evolving to meet the needs. Such inter-vehicle communication technology can reduce traffic accidents and enhance the convenience of the driver. V2X (Vehicle to Everything) is the next generation vehicle technology that is being researched and developed not only from the well known vehicle manufacturer (OEM), it is also researched and developed at national level in the United States and Europe. However, as vehicles are converged with IT technology, security threats that existed in preexisting IT environment are also being transferred to vehicles. there has been hacking cases announced around famous conferences which was performed on actual vehicles. If there is a hacking damage case targeting the future V2X environment, security measures are required because it could lead to accidents related to humans. The research on security of vehicle PKI system in the V2X environment has already been carried out much abroad based on IEEE 1609.2 standard, and in Korea, establishing and demonstrating vehicle PKI system in national industrial aspect based on IEEE 1690.2 standard is being prepared. This presentation introduces how to build and operate a vehicle PKI system for communication security on ongoing V2X environment in Korea. By comparing with the structure and operation method of public authentication service currently used in Korea, an efficient method for building and operating a real vehicle authentication system will be discussed. Also, based on the analysis of the current state of the US legal system for the construction and operation of the V2X environment and related legislation currently being discussed in Korea, a roadmap for building Korea's V2X environment security infrastructure will be introduced in the presentation. In addition, Method for fast verification of multiple signed messages between RSU and vehicle will also be introduced in presentation.

Jaejung Kim

KICA (Korea Information Certificate Authority)
CTO
Jaejung Kim

12:00 - 13:00

Lunch

Luncheon Seminar

* We serve lunch box to those who will listen to the sponsored lecture.

Holistic Approach for Automotive Security (tentative)

Escrypt GmbH
Director of Product Management,
Frederic Stumpf

13:00 - 13:45
Detection and Classification of Misbehavior and Threats Against V2X Systems

Connected Vehicle technology promises to deliver a variety of benefits including dramatic reductions in accidents and smoother, more efficient traffic flow. Several systems have been proposed to introduce direct vehicle to vehicle (V2V) and vehicle to infrastructure (V2I) messaging. A common theme among these designs is a requirement for rapid authentication and a reliable method of distinguishing between valid and fraudulent or malicious messages. The dynamic, peer-to-peer nature of the messages combined with a concern for privacy and a demand for fast authentication present new and unique data security challenges. This talk will survey the types of malicious behaviour that have been predicted in this environment and it will consider approaches to classify and respond to these threats. The scope of attack types span the range from component failure to targeted hacking and even widespread terror attacks. However, viable responses to active attacks and system failures are limited. In a conventional service or access control scenario, failed authentication typically results in rejection of the requested access or service. In a critical safety application the potential for an ignored alert to result in a life-threatening crash may not be acceptable. Alternative responses will be considered. The potential value and limitations of sensor fusion techniques as a means of augmenting protocol-level authentication will also be considered. The role of system infrastructure and revocation procedures will also be considered as a means of mitigating threat to connected vehicle systems.

Brian Romansky

TrustPoint Innovation (now ESCRYPT)
VP Strategic Innovation
Brian Romansky

13:50 - 14:45
Securing Vehicle to Everything Communication with 3GPP

3GPP, the mobile communications specification body, has developed the V2X standard and associated security solutions. Currently 3GPP is developing 5G security specifications with first set of specifications expected to be available in December this year.
The purpose of this talk is 2-fold: First we will discuss mobile communications security for V2X as specified by 3GPP. Where V2X includes V2V, V2I and V2P. Security threats to which 3GPP specifications cater for are: communication path related threats, threats associated to configuration and management, security credentials, device, privacy aspects and resources that includes radio, device and time. These threats, requirements and solutions will be covered in the presentation. In the second topic we will cover the 5G security activity. This part of the talk will give an overview of 5G and current status of security specifications as well as its implications on V2X security.

Anand R. Prasad

3GPP
Chairman of 3GPP SA3 and GISFI Security & Privacy group
Anand R. Prasad

14:50 - 15:45
Potential Risks of Automotive Grade Linux

Automotive Grade Linux (AGL) is a Linux Foundation Workgroup dedicated to creating open source software solution for automotive applications.
The initial target for AGL is In-Vehicle-infotainment (IVI) systems. AGL will likely play a significant role in the future of automotive development. As such, understanding how this operating system works on a deep level is becoming important. Methods and techniques that would aid in assessing its security are also becoming essential.
In this paper we will first explain the internals of the OS, including the security features. We will then enumerate the attack surface of a device running AGL to learn the methods to assess the security of an AGL devices. We will end the paper with some recommendations on how to secure an AGL device.

Daisuke Noguchi

NRI SecureTechnologies
Daisuke Noguchi

16:00 - 17:00
Panel Discussion
"Automotive security NCAP"

Worldwide industry approach needed/possible? What should be included, what not? What can we learn from NCAP?

⟨ Moderator ⟩
Marko Wolf, Head of Consulting Engineering in World Wide, Escrypt

Registration Fee

General Price

123,000JPY (Tax included, 2 days)

  • ※日本国内在住の日本人および日本国内在住で日本語対応が可能な方は日本語サイトからお申し込みください。
    ≫ 日本語版はこちら
  • *Japanese who live in Japan and those who can apply in Japanese,please apply from the Japanese site.
    ≫ Japanese version is here.

Student Price

49,800JPY (Tax included, 2 days)

If you are a university or graduate student on the day of escar Asia 2017, you can apply at Student Price.
In that case,please observe the following.

  • *Present your student ID card at check-in.If you can not present your student ID card, you can not enter the venue of escar Asia 2017 without paying the difference between General Price and Student Price.
  • ※日本国内在住の日本人および日本国内在住で日本語対応が可能な方は日本語サイトからお申し込みください。
    ≫ 日本語版はこちら
  • *Japanese who live in Japan and those who can apply in Japanese,please apply from the Japanese site.
    ≫ Japanese version is here.
■Attention
  • *Lunch is not included.But,if you will attend the luncheon seminar provided by the sponsors, we will offer you a boxed lunch.
  • *We will hold a networking party after the seminar on september 5.
  • *We will accept applications only for those who can agree to provide registration information and will provide third parties to the following co-organizers and co-sponsors including overseas. Each company may use it for direct guidance (products / services, exhibitions, seminar events, etc.), surveys and so on.
     ESCRYPT
     ISITS (Germany)
     ETAS
     Other sponsors
  • *Soon as it becomes fully booked, we will be closed accepting applications. Please apply as soon as possible.
■Payment

We will accept only the credit card payment at web site.
Please carry out registration-mail printing as the Attendance Certificate on the day.

We can not accept cancellation after application, refund after remittance. Please attend on behalf of you.
Transportation and accommodation expenses to the venue will be borne by the person taking this event.
Sudden diseases of instructors etc, natural disasters and other force majeure, other unavoidable circumstances, we may cancel. In this case, the registration fee will be refunded.

Co-Organizer

ESCRYPT ETAS ISITS

*escar is a trademark of isits

Sponsorship

ETAS Infineon Technologies Japan Harman Irdeto synopsys Pwc Riscure TOPPAN Trillium