Arun Mane is a Founder and Director of Amynasec labs LLP which is specialized in Vehicle/Iot/ICS and he also Hardware, IOT and ICS Security Researcher. His areas of interest are Hardware Security, SCADA, Automotive security, Fault Injection, RF protocols and Firmware Reverse Engineering. He also has experience in performing Security Audits for both Government and private clients. He has presented a talk at the nullcon 2016,2017,2018 Goa, GNUnify 2017, DefCamp 2017, 2018 Romania, BsidesDelhi 2017, c0c0n x 2017, EFY 2018, x33fcon2018, BlackHat USA 2018, Defcon USA 2018, OWASP Seasides 2019 Goa. Also Trainer for Practical Industrial Control Systems (ICS) hacking training, delivered in x33fcon2018,2019, HIP 2018 and also delivered training for IoT hacking in HITB 2017, HIP 2017, BlackHat Asia 2018 and private clients in London, Australia, Sweden, Netherlands etc. He is an active member of null open community.

Hacking ICS devices for Fun

New generation malware and attacks have been targeting ICS and systems causing huge monetary and human life losses. ICS system still vulnerable in nature because it’s poorly understood. As ICS industries are old and functioning for a long time, there is no considering of security aspect since they started. Apart from PLC, RTU, DCS, and SCADA system, there are third-party vendors devices available in the market which can talk or convert one protocol to another, sometimes they called serial servers or couplers. These devices still in a vulnerable state as per their HMI, protocol and hardware point of view. In this talk, we will demonstrate about these devices vulnerability as well as some well-known plc vulnerabilities.

Penetration Testing of Vehicle Components (ECU and FMS)

Today all vehicles are connected through V2X technologies. All manufacturers are coming with new technologies which can be added technologies for Vehicle industries like Fleet management systems, diagnosis toolset etc. These systems are from third-party vendors which are still in a vulnerable state. So addressing their weakness requires specific skillset in cybersecurity as well as attack mitigation of vehicle industries. Mitigation part requires huge and niche expertise in vehicle industries. No one show, how to mitigate these vehicle attacks over ECU and FMS in any conference. In this talk will show you how mitigate vehicle cybersecurity attacks against CANBUS and LIN protocol over ECU and FMS (Fleet Management System).