Data collection and analysis in vehicles

Technologies that actively log and possibly identify a driver (e.g., log when and how you drive), identification (e.g., can the car know when you are driving and feeling unwell? can this be applied to court?), advertisements (how long before we see custom advertisements on the head unit?), etc.

Self-driving & sensor fusion

Will cars be self-driving, if yes how? How do we judge who is at fault if it is a probabilistic algorithm making a decision? How do you prove it to a judge? What could go wrong? Can we attack sensors? Can we prevent attacks? If yes, how? At which cost?

Automotive Security

Components can be replaced, updated, and possibly connected to the Internet. How do we assure that an attacker doesn’t gain remote control of your vehicle? How do we protect the communication between ECUs? Similarly, ECUs are cost-driven embedded controllers, with limited RAM and CPU. How will this evolve? Is the current architecture and design sufficient?

Telematic Control Unit, eCall, and connected dongles

TCUs can be used for several things: from safety to data collection, remote control and debugging, update over the air etc. These devices will possibly revolutionise the automotive industry, as they will allow OEMs to (right now is not) securely push updates to 1) fix bugs, and 2) add features (e.g., TESLA). But many things could go wrong, especially as most of them have little to no security. How can we solve this?

Vehicle to infrastructure (V2I) and vehicle to vehicle (V2V) communication

It is definitely true that in the future of mobility, vehicles will be connected to everything. Assuming the two main technologies will be vehicle to vehicle (V2V) and vehicle to infrastructure (V2I), how this communication will happen? Via WLAN or mobile networks? With or without secure communication? What is the state of the art technologies? How all the OEMs manage or (plan) to implement them? Are there any standards? Can this be done security? What could go wrong? How can this affect security & privacy?

  •– Finding-a-parking-space-made-easy.xhtml?oid=39904686

Vehicle testing, attestation & dynamic homologation

Today, cars are black-boxes which cannot be tested except by automakers themselves. This makes it very difficult for a third-party to verify claims. Also, it is currently impossible to re-configure them, as they would lose their homologation. The question is, how will this process evolve? Can it be made more open and streamlined? Can the community be involved in developing a road-legal vehicle? Can and how you prove to a third party that a vehicle is running the software you signed? How do you test your vehicle?

Data Collection

TELSA refutes a journalist claim by providing a detailed log on how he used the car

Driving analysis

Pay as you drive insurance, if you brake hard to avoid an accident, you pay more

TCU and remote control

Renault battery lease agreement They claim they will ‘block’ your battery if you stop paying the lease. This is true, as we previously reverse-engineered their TCU and found they can actually do it, and much more (tracking, remote control, check and log when you speed, etc.)

Automotive Security & Background

Funny guys that do a lot of car attacks. Provide a good background on ECUs, CAN, etc. in their white paper

Self-driving & accountability

UBER self-driving accident, whose fault is that? How you prove it? Judges can hardly interpret a CNN output

Automotive testing & accountability

‘We didn’t know about the ‘test-mode’ in our ECUs.’ How can certification authorities regulate vehicles? Often composed by 20 or so ECUs, each doing something unknown to the tester?