BSides London 2021 BSides London 2021
Join event to build your agenda.

Drive all the hacks! Learn about automotive threats and experience what is like to drive in a vehicle while it is being hacked in a full-motion hacking rig.

Workshop Track 2

David is Founder and CEO of Copper Horse. He chairs the Fraud and Security Group at the GSMA and sits on the Executive Board of the Internet of Things Security Foundation. He authored the UK’s ‘Code of Practice for Consumer IoT Security’, in collaboration with UK government and industry colleagues, and currently sits on the UK’s Telecoms Supply Chain Diversification Advisory Council. In the Queen’s Birthday Honours 2019, David was awarded an MBE for services to Cyber Security. He tweets @drogersuk .

Mark is Technical Lead at Copper Horse. His expertise includes embedded development for IoT through to commercial software and test automation for millions of mobile phones following a 15 year career at Vertu and Panasonic Mobile. At Copper Horse, he has been involved in research projects for automotive, IoT, security and smart cities. Mark has delivered practical hacking training to commercial clients on behalf of the IoT Security foundation and to students at the University of Oxford and York St John University.

James is a Threat Modelling Analyst at Copper Horse. Recent activities include the preparation of threat models based on the newly introduced ISO 21434 automotive cyber security standard, which involves attack tree development and impact and likelihood analysis. James participates in the firm’s annual IoT vulnerability disclosure reports and also hosts Elevation of Privilege threat hunting sessions, which apply Microsoft’s STRIDE framework to dataflow diagrams in an engaging tabletop format. He has worked with members of the GSMA Device Security Group to update requirements for mobile device software security updates.

In the workshop, participants will be introduced to the latest automotive cyber security standards and invited to explore threat scenarios that could apply to current and future vehicles. The group will then have the opportunity to carry out and experience simulated automotive attacks from the driver’s seat in a safe environment using the Copper Horse vehicle hacking demonstrator, a setup that features: − a 3-screen panoramic view of the built environment, with complete telemetry output, − motion platform (3-axis) with driving peripherals, − external control of key operations (brakes, acceleration, wipers, steering etc.) separate to the driver, − and includes real world automotive components that communicate via industry protocols.

Simulations will include both cars and trucks.