Explore the intricacies of the Controller Area Network (CAN) bus and its vulnerabilities in this 47-minute conference talk by Tim Brom and Mitchell Johnson from 0xdade. Delve into the history, basics, and advanced concepts of CAN bus technology, including its mandated use in US vehicles since 2008. Learn about CANT, a software-implemented CAN bus peripheral that enables security researchers to test electrical bus-level error handling capabilities of CAN devices. Discover how CANT can be used to selectively attack specific ECUs without detection by automotive IDS/IPS systems, providing valuable insights for automotive security research. Gain understanding of CAN bus error frames, error counters, and philosophy, while exploring the advantages and limitations of CANT. Witness a demonstration and discuss mitigation strategies for potential vulnerabilities in automotive systems.
Overview
Syllabus
Intro
About GRIMM
Overview
CAN BUS history
Why CAN BUS?
CAN BUS Basics
CAN BUS not-so-basics
Other CAN Frames
Error Frames
CAN Error Counters
CAN Philosophy
But that CANT Happen!
CANT advantages
Using CANT to identify attacks
Demonstration
Limitations and mitigations
Further reading
Taught by
0xdade
