Mihai Petre

Lead Software Engineer Garrett - Advancing Motion

BIOGRAPHY

Mihai is an automotive lead embedded hardware and software development engineer for Garrett Motion. His interests are developing Intrusion Detection Systems for embedded solutions for the OSI layer protocols within the automotive domain. He is an expert in embedded systems and has experience in hardware design, embedded systems and various automotive applications.

CAN Bit-Stomping attack Prevention

Preventing a potential attack on an automotive internal communication network (example: CAN – Controller Area Network) can be a challenging and a time sensitive task. Below description provides a summary of a technique, CAN Bit-stomping which helps neutralizes the malicious commands sent over CAN, if detected by an Intrusion Detection System (IDS).

CAN bus follows a basis principle of not transferring the data to the destination if the integrity of the data is compromised. CAN Bit stomping method uses this same principle to violate the CRC and there by stopping the information to be transfer. Below paragraph explains the detailed methodology to violate the CRC.

CAN bus uses a differential 2 wire CAN-H and CAN-L topology which always stay opposite (low or high voltage). CAN bus could have 2 states: Recessive (CAN-H and CAN-L are derived to 2.5V) and Dominant (CAN-H is derived to 5V and CAN-L to 0V).  The idle state of the bus is recessive, the only operation a node needs to send data is to drive the bus to a dominant state, this way the data can be encoded in “Dominant / Recessive” (0 / 1). Whenever a single Recessive bit is overwritten by a Dominant one, the message CRC will be invalid, and the message will be ignored. This operation must be constructed by an independent custom CAN controller. To block messages on a 1 MB/s CAN BUS, a FPGA could be used to execute the operation.

This presentation is co-presented with Gabriel Ciubotaru, Lead Security Researcher Garrett – Advancing Motion.

​​

Are you the next cyber security superstar?

If you are passionate about an information security topic or you have strong technical skills developing researches on your own, you should definitely Apply at Call for Papers. By submitting you will have the chance to showcase your work to +2000 attendees.

Other speakers joining this year

Raluca Stanciu

Senior Software Engineer BullGuard

Chris Yule

Senior Security Researcher Secureworks

Sergey Ovchinnikov

Expert Researcher JSC Advanced Monitoring

Ready for this year's presentations?

By registering you will unlock access to 60+ speakers and two full days with cyber security news & showcases from worldwide leaders.

0
SPEAKERS
0
COUNTRIES
0
ATTENDEES
0
HACKING
COMPETITIONS
0
COMPANIES

Sponsors & Partners

They help us make this conference possible.

POWERED BY

At Orange Business Services, we help our customers transform their industries, reimagine their services, create a positive impact and unleash the power of their data into an amazing and trusted resource.

With the dual expertise as a global operator coupled with the agility of an end-to-end integrator, Orange Business Services is a global network-native, digital services company. From connectivity, smart mobility services and the cloud to artificial intelligence (AI), analytics and cybersecurity, Orange Business Services helps businesses at every stage of their data management. Orange Business Services is represented in Romania by the business division of Orange Romania and helps large companies, SMEs and public authorities to transform their organizations through the use of technology and digital information.

www.orange.ro

Platinum Partners
Gold Partners

HACKING VILLAGE PARTNERS
COMMUNITY & MEDIA PARTNERS