8 місяців тому
9 місяців тому
10 місяців тому
Рік тому
Рік тому
Рік тому
2 роки тому
КОМЕНТАРІ
@Gfffhhvqqaawwweerrrt 17 днів тому
Thanks for the wonderful presentation
@Mohamed-Nabil-Gaber 27 днів тому
Is the process of new attacks or malicious behavior by IDPS will be real time analysis ?
@iam1smiley1 27 днів тому
These dongles are also marketed for rust prevention and insurance companies are also encouraging there use to monitor drivers for "discounts" (which should be stopped). I did quality control for a large bodyshop and was really surprised how many vehicles came through the shop with something plugged into the DLC when I needed to hook up a scan tool. Also, with the proliferation of cheap Chinese scan tools on the market...I really wonder when someone will hack the scan tools themselves (CCP even), every mechanic around has a cheap Chinese scan tool in their arsenal and could easily be vectors used to spread custom malware for each model of vehicle to later be triggered if chosen.
@Abdu-Mechanic1 2 місяці тому
Gambia
@PoRkch0p523 3 місяці тому
Wooot!!
@sergetataw8203 3 місяці тому
hi i am from mali
@yusufarslan6640 5 місяців тому
Thanks for sharing. Great job John and Mohamed and of course Bastian.
@videogenie1236 8 місяців тому
Some good background knowledge as I am just starting to look at the CANBUS for a vehicle project that my company is working on. Thanks for the GitHub downloads.
@user-om7zn6wv4t 9 місяців тому
I can't understand how to bypass the firewire integrity check😅
@mohammedshine2372 9 місяців тому
Good video
@newtimeageful9969 9 місяців тому
want to see more in the future
@johnboscovijayanand 9 місяців тому
Good one and an eye opener!
@renakunisaki 9 місяців тому
I can barely understand what's being said. Especially one speaker has a lot of background noise.
@automotivesecurityresearch1613 9 місяців тому
Thanks for the feedback @renakunisaki, we will work on making sure the audio on future videos is better. Apologies.
@LateNightCyber 10 місяців тому
What is the gold baseline out there? Apple and Google have tried to shed light on what access users are giving to their private data and how it’s managed. Cars are just one aspect and usually involve purchasing a full vehicle or going to a junkyard/rental fleet. I feel like user data can be collected trivially from other sources that most users don’t even consider reviewing or just click “accept” on most Terms and Condition or EULAs
@thechallenger3020 11 місяців тому
Amazing content guys!
@buddyblock3755 11 місяців тому
ahh, ahh.ahh
@Cyber_Space660 11 місяців тому
So noise For God Sake there is a thing called Quality Please Improve
@KakandeEric-jn6qt 11 місяців тому
Hello
@purbasagoswami1438 Рік тому
It was very informative. Automotive security could be a potential topic for my master thesis. I have one question here: How does the V2P communication happen (Just curious about it, does it happen through an app)?
@DannyDieHard369 Рік тому
Man I'm not a Oud to drive yall are a bunch of d. I. C. K. S
@kamilgrzela6013 Рік тому
It is a very good material. Good base to build checklist.
@khaledgharbi5827 Рік тому
is there video removed from this important channel already!?!?
@automotivesecurityresearch1613 Рік тому
Hi Khaled. Which video are you referring to? Please note we haven't deleted in videos in this channel. Cheers!
@eugenemandy3314 Рік тому
I am intrested in vehicle forensics
@herbertarnold6372 Рік тому
😢 ≋p≋r≋o≋m≋o≋s≋m
@guzh Рік тому
very confusing
@shkaf4ik Рік тому
Great presentation ! Thanks Matan
@romu9999 Рік тому
Thanks a lot for this great webinar! Rgds from Sweden
@solasoul33 Рік тому
It is refreshing to hear that the automotive industry cares.
@AH-oo1oq Рік тому
For those who are watching in 2022, tha ISO 21434:2021 has different clause numbers for Asset identification and rest of Clause 15 sections.
@cihan1995 Рік тому
what tool is used for TARA? thanks for the session
@automotivesecurityresearch1613 Рік тому
the tool used is called COMPASS
@mercmishra Рік тому
Wow thanks for the session i was looking for the same , I am also performing security testing for automotive Cybersecurity
@matthias6050 2 роки тому
Great introduction into the ISO/SAE 21434 and TARA.
@hyperkhan5823 2 роки тому
thanks a lot recently interview with a automative industry for cybersecuirty engineer position and they tasked me to study can bus attack and remediation will interview me later .. so greatful excited that i found this video
@Superuser2000 2 роки тому
Talk starts from 20:00
@cyozdemir113 Рік тому
Thanks mate
@ciciy-wm5ik Рік тому
@@cyozdemir113 thanks, too much useless info at the beginning of the video
@newtimeageful9969 2 роки тому
thanks the sharing
@2assan 2 роки тому
Thank you for the great insights into R156. Really appreciate it
@CYRESConsulting 2 роки тому
Glad to know our insights are helpful. Feel free to visit for more valuable information regarding UN Regulation No. 156 cyres-consulting.com/unr156
@CYRESConsulting 2 роки тому
We are more than delighted to share our view on secure software updates according to UN R156 with fellow ASRG members and the growing automotive cybersecurity community. Thank you for having us today!
@crissam6086 2 роки тому
Great presentation 👏!
@lexej777 2 роки тому
I dont see a benefit with this approach. 😕 why not just follow 21434 and get certified by appropriate ca? As for me this approach is just a try to create some unnecessary theoretical model.
@Felike19 2 роки тому
Hi Lex, in my opinion it is quite hard to "just follow" ISO/SAE 21434. Most of the requirements are quite vague. You need the right plan and a sufficient framework to justify that you took the required measures. Furthermore, there is no real ISO/SAE 21434 certification yet. Everything related to security is about having the right justification and this of course can be done based on a model showcasing how the complexity of automotive cybersecurity is working together and is interrelated.
@charleswilson7944 2 роки тому
ISO/SAE 21434, like 15288 and 12207, does not specify a development lifecycle. It states that you must have formally managed, traceable processes which follow best practices, and are carried out by appropriately trained and qualified individuals. These processes are expected to produce various work products supporting the specific requirements of '434. The AVCDL is a lifecycle that conforms to all the requirements of '434, provides full documentation of underlying best practices and also supports supply chain activities. The AVCDL is not a theoretical model, but rather a blueprint and represents the '434 required cybersecurity process documentation set.
@lexej777 2 роки тому
@@Felike19 I didnt say it is easy to follow it, but all needed Information is in it and it is task of your organisation to establish processes and methods satissfying the iso. If this approach from this video is guiding someome so it is fine, but I didnt see something new in this approach. Regarding certification, there will be certification authorities soon.
@lexej777 2 роки тому
@@charleswilson7944 ok, maybe for companies who starting from scratch building the Engineering processes and lifecycles it might be helpful, but for the companies who having engineering processes and lifecycles already, it doesnt worth it, since it is easier to adapt and extend their own aproaches which are already covering privious mentioned iso's.
@williamclemens6255 2 роки тому
Gutamala
@xraargu6212 2 роки тому
38:45 LOL 😂🤣
@gideonge6188 2 роки тому
I have a question, why escrypt spend so much effort on VLAN tag, TCP state machine , UDP header...All these things should be taken care by protocol stack. I feel some CAN expert want to port what they have done on CAN to ethernet again. In vehicle, the computing resource is very limit, why spend so much resource on frame format validation? This is done by TCP/IP stack.
@gideonge6188 2 роки тому
is there a way to get the slide?
@Barabass 2 роки тому
I hope that no one is forced to use this Tool in the Beta Version - it's terrible.
@gideonge6188 2 роки тому
can you share the slide of this presentation?
@parthgupta1683 2 роки тому
Insightful!
@vishnukumarasst.prof.eceve8676 2 роки тому
better than text books
@marvymagoo7011 2 роки тому
Interesting... Thanks for sharing.
@automotivesecurityresearch1613 2 роки тому
Thanks for watching!
@daihhqn 2 роки тому
Could you please share about How to create Cybersecurity requirements? Thanks!
@Hitmonkey420 2 роки тому
I'm interested in setting this up myself. Do you have the embedded canhack boards available on your website?
@automotivesecurityresearch1613 2 роки тому
You can find more information here: github.com/kentindell/canhack