Arun Mane
Founder and CEO Amynasec Labs
BIOGRAPHY
A Trailblazer in Security, Innovation, and Education Arun Mane, a visionary leader and luminary in the field of cybersecurity, wears many hats. He is not only the Founder and CEO of Amynasec Labs, but also the co-Founder and CEO of UnoAcademy, a distinguished training provider. With a resolute focus on Vehicle/IoT/ICS/IoMT security, Arun is also a recognized Hardware, IoT, and ICS Security Researcher, shaping the future of digital protection. Arun’s passions encompass a spectrum of technological domains.
He delves into Hardware Security, SCADA systems, Automotive Security, Fault Injection, RF protocols, and the intricacies of Firmware Reverse Engineering. His inquisitive mind thrives on unraveling complex systems and identifying vulnerabilities that safeguard the digital landscape. Arun’s expertise extends to performing Security Audits aligned with ISO 62443, ISO 21434, NIST frameworks, catering to both government and private clients. His insights have proven invaluable in fortifying digital infrastructures against ever-evolving threats. His prominence shines brightly on the international stage.
Arun has delivered captivating talks at an array of prestigious conferences, leaving a lasting impact on audiences worldwide. Noteworthy appearances include Nullcon in Goa from 2016 to 2018, GNUnify 2017, Defcamp in Romania from 2017 to 2019, Hacktivity in Budapest 2019 and 2023, Rootcon 2020 in the Philippines, BsidesDelhi 2017, c0c0n x in 2017 and 2019, BSides Ahmedabad 2021, EFY 2018, x33fcon from 2018 to 2021, BlackHat USA 2018, Defcon USA 2018, OWASP Seasides 2019 in Goa, and HITB Red Team Village 2020, HITB Phucket in 2023, Seasides Goa in 2023. These platforms serve as a testament to his remarkable insights and thought leadership in the cybersecurity realm.
Hardware Backdooring an e-Scooter
Nowadays, smart cars are equipped with a lot of sensors to make cars smarter which can take decisions automatically or logic written in ECU.
But in the same way, motorcycles and scooters become smart and work on electricity. Scooters are becoming smarter and smarter than traditional one which works on gasoline. Intelligent scooters work on usually on one or two ECUs depending on the working style. No one focuses on the smart scooter yet from per cybersecurity standpoint.
In this talk, we will talk about those vulnerabilities that can affect working mechanisms and functional safety standpoints. Our target is Indian OEM, who sold out more than 1,50,000 in the year and sold out more. The same vulnerabilities can be found in all sold-out e-scooters, We will demonstrate the attack where we took control of an e-scooter with the help of a hardware implant attack. The devices used in this research are cost-effective.
The best part of this research talk, we are not only focusing on only attack part but also on TARA which can be beneficial for Automotive and IoT representatives, cybersecurity experts, and manufacturers.
In this research, we reverse-engineered all functionality of e-scooters with respect to Canbus messages and Safery functionality implemented in e-scooters. Main functionality such as acceleration and Deacceleration, side indicator, breaking mechanism, and so on. After reverse engineering of physical e-scooter, we made our hardware implant to set up inside the scooter and we controlled the entire scooter with the help of identified vulnerabilities. We can stop the scooter while driving the scooter remotely. It is a functionality and safety function flaw we found in the scooter itself. We also attacked other models of e-scooter resulted in the same conclusion. We also performed the TARA report on the e-scooter level as per ISO21434 standard and we found some serious risks, these attacks are derived from the TARA report.
Are you the next cyber security superstar?
If you are passionate about an information security topic or you have strong technical skills developing researches on your own, you should definitely Apply at Call for Papers. By submitting you will have the chance to showcase your work to +2000 attendees.
Other speakers joining this year
Mihail-Iulian Plesa
Security Researcher Orange Services
George-Andrei Iosif
Software Security Engineer Canonical
Andrei Niculae
Student Faculty of Automatic Control and Computer Science from Politehnica University of Bucharest
Ready for this year's presentations?
By registering you will unlock access to 60+ speakers and two full days with cyber security news & showcases from worldwide leaders.
COMPETITIONS
Sponsors & Partners
They help us make this conference possible.
POWERED BY
Orange Romania is part of the Orange Group, one of the largest global telecommunications operators that connects hundreds of millions of customers worldwide. With over 11 million local customers and an annual turnover exceeding 1.5 billion euros, Orange Romania connects 1 in 2 Romanians and offers an extensive range of communication solutions for both individual and corporate customers, from basic connectivity services to complete mobile, fixed internet, TV packages, and complex IT&C solutions through Orange Business.
Orange Romania is the number 1 operator in terms of network performance, and also holds nine consecutive Top Employer certifications, which confirm that Orange Romania, in addition to the remarkable products and services it offers, pays special attention to its employees and working environment. In the past 3 years Orange has launched two 5G Labs in Bucharest and Iasi, that aim to support researchers, startups and companies to test their 5G solutions in advance.
In addition, Orange is a long-term supporter of the startup ecosystem through the Orange Fab accelerator program designed to support entrepreneurs in the development of innovative products and their distribution locally and internationally.