“Modern Automotive Vulnerabilities: Problems, Causes and Outcomes”

Stefan Savage

Professor, Department of Computer Science and Engineering, University of California, San Diego

2018

Abstract

Over the last six years, a range of research has transformed our understanding of automobiles. What we traditionally envisioned as mere mechanical conveyances are now more widely appreciated as complex distributed systems ‘with wheels’. A car purchased today has virtually all aspects of its physical behavior mediated through dozens of microprocessors, themselves networked internally, and connected to a range of external digital channels. As a result, software vulnerabilities in automotive firmware potentially allow an adversary to obtain arbitrary control over the vehicle. Indeed, multiple research groups have been able to demonstrate such remote control of unmodified automobiles from a variety of manufacturers. In this talk, I’ll highlight how our understanding of automotive security vulnerabilities has changed over time, how unique challenges in the automotive sector give rise to these problems and create non-intuitive constraints on their solutions and the key role played by the research community driving industry and government response.

Biography

Stefan Savage is a professor of Computer Science and Engineering at the University of California, San Diego. He received his Ph.D. in Computer Science and Engineering from the University of Washington and a B.S. in Applied History from Carnegie Mellon University. Savage is a full-time empiricist, whose research interests lie at the intersection of computer security, distributed systems and networking. He currently serves as co-director of UCSD’s Center for Network Systems (CNS) and for the Center for Evidence based Security Research (CESR). Savage is a MacArthur Fellow, a Sloan Fellow, an ACM Fellow, and is a recipient of the ACM Prize in Computing and the ACM SIGOPS Weiser Award. He currently holds the Irwin and Joan Jacobs Chair in Information and Computer Science, but is a fairly down-to-earth guy and only writes about himself in the third person when asked.