Publications

We are dedicated to improving automotive system security, so we engage and challenge ourselves to learn more about it. We have been part of seminars and trainings that aim to provide more people with a more secure environment when using their automobiles.

You can check out more of our engagement with this field through the following videos:

Expertise spotlights

TROOPERS23: Fault Injection Attacks on Secure Automotive Bootloaders

Relay Attack applied to NFC Virtual Car Keys

From Blackbox to Automotive Ransomware

Bringing light into the Black Box

TROOPERS19: Automotive Penetration Testing with Scapy

TROOPERS19: SIM Simulator

TROOPERS22: Automotive Network Scans with Scapy

TROOPERS19: IoT backdoors in cars

Fault Injection Attacks on Secure Automotive Bootloaders

Scientific Publications and Presentations

Our products and services are backed by years of research and published works. We have a strong background in the security of hardware and software design of integrated circuits and embedded systems, which makes us the best option for any security concerns in this field.

Publications

Enrico Pozzobon et al.“An evolutionary fault injection settings search algorithm for attacks on safe and secure embedded systems”Neural Network World 33. NNW ’33. Oct. 2023
Nils Weiss et al.“Extending Vehicle Attack Surface Through Smart Devices”The Eleventh International Conference on Emerging Security Information, Systems and Technologies (SECURWARE). Rome, Italy, Sept. 2017
Enrico Pozzobon et al.“A Survey on Media Access Solutions for CAN Penetration Testing”ACM Computer Science in Cars Symposium (CSCS). CSCS ’18. Munich, Germany: Association for Computing Machinery, Sept. 2018
Nils Weiss, Markus Schrötter, and Rudolf Hackenberg“On Threat Analysis and Risk Estimation of Automotive RansomwaACM Computer Science in Cars Symposium. CSCS ’19. Kaiserslautern, Germany: Association for Computing Machinery, 2019. isbn: 9781450370042. doi: 10.1145/3359999. 3360492. url: https://doi.org/10.1145/3359999.3360492
Nils Weiss et al.“Transport Layer Scanning for Attack Surface Detection in VehiculaComputer Science in Cars Symposium. ACM, 2020, 1–8. isbn: 978-1-4503-7621-1. doi: 10.1145/3385958.3430476. url: https://dl.acm.org/doi/10.1145/3385958.3430476
Nils Weiss et al.“Automated Threat Evaluation of Automotive DiagProceedings of the Embedded Security in Cars Workshop (ESCAR). 2021, 1–16
Nils Weiss et al.“Under the Hood – A Concept for Virtualized Automotive Security Education”EDULEARN21 Proceedings. 2021. isbn: 978-84-09- 31267-2. url: doi.org/10.21125/edulearn.2021
Sebastian Renner, Enrico Pozzobon, and Jürgen Mottok“A Hardware in the Loop Benchmark Suite to Evaluate NIST LWC Ciphers on Microcontrollers”Aug. 2020
Alexander Meisel et al.“Best Practices: Einsatz von Web Application Firewalls”Mar. 2008

Presentations

Enrico PozzobonFuzzy Fault Injection Attacks Against Secure Automotive Bootloaders”escar23. 2023. url: https://www.escar.info/escar-europe/program/program.html?lectureId=q9OOcqpJAtxvad5ZW32D
Nils Weiss“Vulnerabilities of OBD2 Dongles”RCAR International Association of Automotive Research Centres, Annual Conference. Munich, Germany, 2018
Nils Weiss and Enrico PozzobonIOT Backdoors in CarsIT Security Conference Troopers19. Heidelberg, Germany, 2019. url: https://www.troopers.de/troopers19/agenda/mud7fn/
Nils Weiss and Enrico PozzobonAutomotive Penetration Testing with ScapyIT Security Conference Troopers19. Heidelberg, Germany, 2019. url: https://www.troopers.de/troopers19/agenda/znxvht/
Nils Weiss and Enrico Pozzobon“Reverse Engineering and Weaponizing OBD Dongles”Automotive Security Research Group, Meeting 22. Stuttgart, Germany, 2019
Nils Weiss and Enrico PozzobonFrom Blackbox to Automotive RansomwareDEF CON SAFE MODE Hacking Conference. Virtual Conference. 2020. url: https://www.youtube.com/watch?v=jp4qMNX5Xnc
Nils Weiss and Enrico PozzobonFrom Blackbox to Automotive RansomwareCAST e.V. Workshop: Automotive Security. 2020. url: https://cast-forum.de/workshops/programm/285
Nils WeissAutomotive Penetration Testing with Open Source SoftwareOpen Source Specialist Group – A Specialist Group of the British Computer Society. Virtual, 2021. url: https://www.youtube.com/watch?v=8kaRfh5tLLw
Nils Weiss and Enrico PozzobonAutomotive Network Scans with ScapyIT Security Conference Troopers22. Heidelberg, Germany, 2022. url: https://troopers.de/troopers22/agenda/tr22-1047-automotive-network-scans-with-scapy/
Enrico PozzobonRelay Attack applied to NFC Virtual Car KeysOnline event: ASRG-WORLD 16. 2020. url: https://www.youtube.com/watch?v=N8G1MaXjufs
Alexander Meisel“Best Practices Guide: Web Application Firewalls.”OWASP AppSec Asia 2008 Taiwan. 2008. url: https://owasp.org/www-pdf-archive/AppSecASIA08-BPWAF.pdf
Alexander Meisel“Best Practices Guide: Web Application Firewalls.”OWASP AppSec US 2008 New York City. 2008. url: https://www.youtube.com/watchv=k8JcKLirw2U
Alexander MeiselApplikationen als neuer Security PerimeterOWASP AppSec Germany 2010. 2010

Training

Nils Weiss and Enrico PozzobonAutomotive Security Testing and Automation Hardwear.io Conference. The Hague, Netherlands, 2023. url: https://hardwear.io/netherlands-2023/training/automotive-security-testing-and-automation.php
Nils Weiss and Enrico PozzobonAutomotive Systems HackingIT Security Conference Troopers23. Heidelberg, Germany, 2023. url: https://troopers.de/troopers22/trainings/xe9hbl/
Nils Weiss and Enrico PozzobonAutomotive Networks-, Controllers- and Systems SecurityHardwear.io Conference. The Hague, Netherlands, 2021. url: https://hardwear.io/netherlands-2021/training/automotive-networks-controllers-systems-security.php
Nils Weiss and Enrico PozzobonAutomotive Networks-, Controllers- and Systems SecurityNullcon. Berlin, Germany, 2022. url: https://nullcon.net/berlin-2022/training/automotive-networks-controllers-systems-security/
Nils Weiss and Enrico PozzobonAutomotive Systems HackingIT Security Conference Troopers22. Heidelberg, Germany, 2022. url: https://troopers.de/troopers22/trainings/xe9hbl/