Webinar: Automotive Security Threat Landscape
Sep 24, 2015
Last year, over 4,000 vulnerabilities were reported in open source software (and thousands more in proprietary code). While most threats target enterprise data centers and desktop PCs, increasing integration of open source in In-Vehicle Infotainment (IVI) head units and other automotive systems makes vehicles potentially subject to the same types of exploits. For automakers, this year was crowned by white hat attacks on IVI, vehicle control and security systems using standard 3G connections and readily available aftermarket components.
As IT and automotive industry participants learn of each new threat and take steps to remediate it, there is a collective sigh of wonderment as to “when will it all end?”
This webinar, presented by the GENIVI Alliance, will characterize the range and type of cybersecurity threats to the automotive ecosystem and to the vehicles it delivers. Discussion will include network-based exploits (3G), local attacks (WiFi, Bluetooth and wireless keys/key-fobs), the role of open source software in automotive systems design, and steps OEMs, Tier One suppliers and other ecosystem participants are taking to meet cybersecurity threats head-on.
Bill Weinberg, Senior Director, Open Source Strategy at Black Duck Software. read more
David Sequino, VP/GM INTEGRITY Security Services at Green Hills Software. read more
Karl Heimer, Founding Partner at AutoImmune, Inc a company specializing in automotive cybersecurity. read more
Hadi Nahari, Chief Security Architect, NVIDIA Corp. read more
Bio: Bill helps Fortune 1000 clients create sound approaches to enable, build, and securely deploy open source software across the enterprise, in the cloud, and on intelligent devices. With a career spanning over thirty years, Bill’s expertise bridges open source business and technology, development tools, application and system security, mobile/embedded software, and the Internet of Things.
Prior to Black Duck, Bill ran his own open source consultancy, Linux Pundit. Earlier, as General Manager of the Linux Phone Standards Forum, he worked to establish standards for mobile telephony middleware. As a founding team-member at MontaVista Software, he pioneered Linux as leading platform for intelligent and mobile devices, and as Senior Analyst at OSDL (today, the Linux Foundation), he ran Carrier Grade and Mobile Linux initiatives and worked closely with foundation members and open source community participants.
Bio: David Sequino is VP/GM of Green Hills Software's ISS Business Unit. With more than 2 decades of experience in the embedded & security software industry, he is working to deliver the next generation of security for devices, software, networks and content to the Embedded Industry. ISS is delivering the next generation of security by delivering a more flexible and secure way to provide authentication, authorization, integrity and access control for devices, software, networks and content. Target vertical markets include: consumer electronics, aerospace and defense, industrial, automotive, medical, and networking equipment. He is responsible for the management of the ISS Business Unit.
Before joining Green Hills Software Sequino served as VP of Sales, Marketing and Product Management of Certicom for 5 years. Sequino and his team built Certicom from a small security company into the leading embedded security company as the leading provider of Elliptic Curve Cryptography (ECC) in the world. ECC is the public key standard in the NSA's Suite B cryptographic standard. Certicom had operations in North America, Europe and Asia. The team tripled the size of the company then sold the company to Research In Motion for $130M. Before his tenure at Certicom, Sequino held various sales, marketing, and management roles at Wind River, M/A-COM, and Tektronix. Sequino earned a bachelor of science degree in electrical engineering from Northeastern University. He also attended MIT's Sloan School of Management's Executive Leadership program.
Bio: Karl is a founding partner of AutoImmune, Inc., a company specializing in automotive cybersecurity. Heimer was previously Sr. Research Director for Mobile & Embedded at Battelle where he created and led its commercial vehicle team (CAVE) and its secure mobile research team. The CAVE team conducted research to establish the accuracy and validity thresholds of anomaly detection systems in cars (CANBUS) and subsequently developed one of the first in-vehicle IDS (Intrusion Detection Systems) which demonstrated accuracy rates at the sigma 6+ level. It also conducted vulnerability research and engaged in exploring cyber mitigating and cyber preventative techniques and products. He founded the “SAE-Battelle CyberAuto Challenge” - an exemplar and highly regarded event to focus attention on the challenges and opportunities of cyber-security within the automotive market and to start development of a talent pipeline for cyber-automotive engineers. He was a division manager and award winning program manager at SPARTA on US DOD contracts where his operational focus spanned general IT cybersecurity, large infrastructure PKIs, and secure mobile communications. His team won the DODCIO Award, an award for the top 5 programs within the US DOD. Before SPARTA he was a Sr. Program Manager at Lockheed Martin and a US Army Officer working in technical cyber issues.
Bio: Hadi Nahari is a security professional with over 20 years of experience in extensive work in design & implementation of secure systems. Hadi has worked on large-scale enterprise solutions as well as embedded systems, with primary focus on security, crypto, complex systems design, and vulnerability assessment & threat analysis. Author of “Web Commerce Security: Design & Development” book published by John Wiley & Sons, Hadi is a frequent speaker in U.S. and international security events and has led various security projects for Netscape, Sun Micro, U.S. gov't, Motorola, MontaVista, eBay, PayPal, and NVIDIA among others. Hadi is currently in charge of the security architecture and strategy of Software, Mobile, Automotive, and HPC at NVIDIA as Chief Security Architect.