ECU Hacking by Matrickz Team (2019)

ECU Hacking by Matrickz Team (2019)

[Music] before we begin the demo let me tell you a little bit about our company matrix all my colleagues here are from matrix and we work 100% in automotive domain we work in four different areas one is ECU development so we develop the into an ECU we work as a Tier two company so Tier one companies make the system the system consists of software hardware and mechanics they provide the hardware and the mechanics and we make software for them and this is what our one department and then we have a safety functional safety and a spice department where we do safety consulting safety concept and that kind of activities we have a testing the department if you are familiar with the classic Vee model of automotive we’re on the right side of the V model in this testing department and finally we have a security department and my colleagues here are gonna show you one demonstrator they have built in our as our penetration testing test bench and one thing that I want to tell you we were talking to some of you in the in the break that we are looking for new colleagues in this area and security we’re looking for master thesis students or interns if you guys are interested joining a hands-on project where you will be able to do hands-on work real ECU’s with real cars where you will be finding out mechanism to break into it this is a very interesting area to join please feel free to write me get in touch with me we’ll be we’ll be happy to have a talk so without further ado I’m giving it over to Praveen probably why don’t you introduce yourself and you know take over the demo thank you currently I am responsible for embedded development an autist apartment here at matrix my entire experience is in the automotive domain throughout the project’s Omarosa and function safety in this demo I mean this is something for us my colleagues are also with me who helped in the stem of I can introduce Phalguna he’s the one who has set up this demo along with clouds he’s in the back seat relaxing and my colleague Jay who is taking part on the hacking part like how do you penetrate into the show the demo I would like to go through a few of the slides to give a bit of a motivation into the project okay so normally the question comes before we start into anything I’m sure based on the talks previous talks from other speakers now we have more reasons to say why Security’s important especially in a pathway from from of use of hacking a car the podiums or the car companies are much more serious about the security now and also with autonomous driving which is rapidly coming into the picture Security’s paying more and more important and also we have a connected cars coming up and there was a mention about the new security standards ISO 21 for 3/4 which is also coming in 2020 so normally we currently have a standard ISO 26262 for safety but when it comes to security there are no standard set so it could differ from project to project or companies to company so maybe from next year we’ll have some definite standard for the security very it defines each of the life cycle for the entire project which makes maybe our life much easier ok so before we go into the actual topic let’s see some of the consequences of hacking I mean what what what can go wrong with sweet happy so with the hacking maybe an authorised person may be able to lock or unlock the car or maybe he’ll be able to turn on it off the cars because it’s normally use key is coming from keyless go the issue related to keep the school there was a hacking done by Eadie see way back in 2014 so what they did was when the karun er was sleeping in a bedroom and the key fob is with him in the bedroom all in his living room and the car is in the garage so normally in order to open the door it’s in the peps it’s a passive entry passive stopped normally in order to open the car you need to have identification between the car foam and the key fob and the car computer so what they did was they came up with a device we didn’t really cost more than few hundred euros so the this handshaking between the key fob which is in the bedroom or a living room and the car which is in the garage so next day when you wake up you only have a key for Nomo car so I have also opened similar projects one of the German medium for almost two to three years so even when I see that project the entire issue of this keyless entry keyless start had hardly one safety cone the only one safety goal is whatever the message you read or the gist of the stuff stop button you read that should be safe other than that what about the security reads the identification happening between the key form and the computer there was no mention why there is no mention because there was no standard this could be one reason or maybe maybe the William doesn’t think which may be high importance but water style now if you see maybe the four years back is you see a easy of a keyless go and if you see a killer squeeze you know there’s a lot of different maybe long back then we were using RF frequency now there are NFC is being used or there are ultra wideband frequencies being used you know shortening the time and of the data set up definite time you’ll meet the handshake should happen between few milliseconds otherwise it won’t be considered as authentic so there are many other mechanisms but definitely if you consider okay is it is this enough we don’t know because there is no Stan in place so I was talking about the Chrysler Jeep had the normally which started you know getting into the infotainment system because normally the car companies also say hey there is a you squat into the infotainment system but not into the canvas so there is nothing much you can control because whenever this attack started although it was normally with increase in the volume maybe for example if you are in a high speed and if the volume is certainly increased of the car radio or car multimedia then it can have an effect so normally even the companies say that hey there is no kind of isolation between the canvas communication and the infotainment if you really get into infotainment there is nothing much you can do but again they improvise their hacking and they were also able to download this their own motion of software to which they can get into the canvas system so they could control almost I mean the entire car so there are many other cases where you can modify the firmware or you can update the remote from where maliciously this was also one of the second phase of the Chrysler Jeep attack and also inject arbitrary can package so there is a lot of consequences if someone can really get into the car or you know can access the car ok now coming to the possibilities of hacking there are two types one is a wired axis I mean you have a wired access to the car you have access to the normally the can bus or the OBD port of the car wherein you can connect your issue or hacking issue to the aubry port and you can try to reach the can messages the second one is a remote access that is normally happens via Wi-Fi or Bluetooth if you are in a Bluetooth zone then you with the same frequency or with the Wi-Fi if you’re in the same network there are possibilities and also with the GSM so normally it is a wired and the remote access but in today’s demo we are more concentrating on the wired axis so we’re going to talk about how we can get it to the canvas of the car or and try to read the can messages and how we can alter to you know show our control over the car is you yeah okay so now coming to the car hacking technique there is something called have you heard of this word autoimmune this is also one of the disease there is a disease called autoimmune so normally at all you mean is the disease where Ewing system of your body by mistakenly attacks your own body cells so normally when it comes to hacking what we do is the hacker of the ECU waits for a target component to send up one of the wind for example if you want to hack X ECU then you wait for its frame your ECU will wait for its frame and at the same instance the hacker ECU sends its own frame by corrupting single bit that overrides the original frame of the target it is you so by doing this what happens is whenever the target is you identifies that okay there is an incorrect way to try to recall the message recall this faulty message so over a period of time by doing this way often you make this target is you feel that you know it is already sending a lot of 40 messages and also it will inform the network that okay maybe something wrong with me so I will disconnect so this is one of the hacking technique were normally used not to override any functionality rather to disable one of the functionality so that’s how it works with the autoimmune there is another hacking technique where we modify the content of the message so the first one is not about the modifying dependent of the message you are already but the second one is about the modifying the content of the message so here you get into the car canvas system maybe throw OBD port and try to listen in all the messages because you don’t know what CSE they are using or what polynomial they are using so you won’t be able to hack that easily so you will start listening to the messages which is being exchanged in the canvas and one thing of messages are accumulated we start analyzing the content of the message like okay what is the arbitration ID what is the message length what if the content of the message what is this here’s etc we try to capture the data we try to analyze the canned messages so in this case we also pry out different shears if polynomial function because we don’t know there are n number of series of polynomial functions and the manufacturer of the issue or that function might be using any of them so you don’t know so it’s kind of a brute force you have to keep trying with a different polynomial different crc until you get it and if there is a and okay try to send a new frame with some of the arbitration IDs and observe the response because it’s kind of a trial and error method brute force so you keep checking whenever it is not the right CRC or it is not the right ID you will get the negative message back so if there is a negative response then try to change the arbitration ID sincere C’s repeat this enough times and until you get the right CRC and in in the sense you try to read the messages what’s here so the polynomial they use until that you should keep using it it’s normally kind of a brute force if you write the algorithm you can try out several different possibilities of CRC so you can find it out easily and after this once you get to know what what is the frame and what is the arbitration ID what is the length what is the polynomial is been used you can you know modify these messages or you can send your own messages with the same bit length and CRC so normally you will have the control over the ECU so this is more of a basic or kind of introduction into what we are trying to do now I will give it to my colleague algún so he will take you through the demo or the setting of the demo what a lot the different issues are used and how it has been assembled thank you probably so as probably explained the brief introduction of why the card hacking is actually important so now let’s get into the demo setup so before that general introduction of what an issue is if you is just a small embedded digital computer and then it runs in a close control its tries to read the data a sensor data from different sensors it handled specific tasks like for example there might be engine control ECU which handles the speed rpm and stuff and there are typically around 80 to 100 issues in a in a modern car and the examples of issues are as you can see body control module about in control module door control unit engine control unit speed control unit transmission control unit and it as the newly coming up ADA’s ECU’s now this is how a typical car looks like so there are various issues connected and each of these issues will handle specific set of functionalities and each of these issues are in communicating between each other using the can network the elbe can messages that get exchanged and there are there are also other set of messages like Lin flex rate that will be specific to some of the modules like for example the door control module to communicate with the actual mechanical part it uses the Lin but majority of all majority in the car the complete network would be connected over a camp this is how a can network looks like it’s a very minimized model of a can network so there will be a main canvas to which all the issues will have connections and each of the whichever ECU wants to send a message it puts the message onto the canvas and with a specific destination ID and that destination ID will be programmed in different issues so whichever is you who has to deserve receive this information so it receives those information unpacks the information and processes the information and takes the necessary actions so here you can see a message that is put on the canvas is accessible to every issue so this is the main principle that we are going to use to hack the car network so if we get an access to the canvas in the car so then a small issue as small as raspberrypi we get the can messages and then once we start deciphering the messages we can get to know as Praveen explained in the technique of hacking so we get the canned message and then we try to analyze and then we send out the correct arbitration ID and the functions and also how a car can be act there are these obd ports onboard diagnostic port so we connect to the onboard diagnostic port and then this will be available under the steering steering wheel or near the bumper so using these OPD ports we hook up the OBD port can be the connector and then from there we can start sniffing the can messages like on a linux terminal you just use a can dump and then you start receiving all the canned messages and this is the block diagram of our setup we have a we have three issues one issue is the nxp board the other unit is the vector we have used the vector can we display this is to simulate the display unit function and the third is used the hacker issue we have chosen the Raspberry Pi and we have added the can transceiver on top of that so there is a connection between the main issue and the NXP board and the vector can know if you think that we want to stress here is this duplicates replicates the small functionality of a car and if the hacker ECU if the hacker tries to get access to the main canvas and gets a connection out so he can connect that canvas to the hacker issue which is the Raspberry Pi and then start sniffing the messages so one thing I forgot to mention was so in a can-can bus there are mainly three wires one is can hi one is can low and then the third one is ground so basically we need three wires to pull it out and then connect to the small ECU and then you should be able to read all the canned messages and this is a small setup that we have done a three way connector to get the canned message out onto the Raspberry Pi so this is the complete connected set up the set up is here it’s due to the place current strain will not be able to show we will show the demo on the can we display but but this is how the connected setup looks like now so we do on the connected hacker ratio so first first of all when we open a connection we open a SSH connection onto the Raspberry Pi we have on the Linux OS we just open up the connection and then we issue the command Kanda this command will tell us all the can messages that is being exchanged on the campus or rather all the can messages that the Raspberry Pi is able to see so how do we interpret a can message here so each of the entry is a canvas and this is the network ID channel name this is whether it is a transmitted message or a received message in terms of the connected device which is the Raspberry Pi ECU and this is the arbitration ID this is the data length code and this is the data itself so here as you can see we have taken ask snapshot of the can dump which we connected on to the Raspberry Pi and what we try to do is once we start receiving the messages we take a bulk amount of message we start analyzing each of these message try to see what different messages are getting periodically exchange between the nxp board and the vector Kanoa and then try to find out which is the arbitration ID which is really important and then after that we try to send the message back again using our NXP or raspberry pi board if we get a negative response code like for example here we we send some message and I think here okay so in the demo we will show the negative response code and then how do we send a message it would be using a can send that’s an another API so using can send we send out the message the format would be the can channel interface name and then next the arbitration ID hash is the we give hash to differentiate between the arbitration ID and the data and the complete data that we send so whenever we send that message so you can see that here in the candle you have captured that to transmit that’s why it’s a transmitted message and then the whole message is being sent onto the network now we’ll switch into the demo so this is the canno dashboard that we have develop so this is a very small part of the dashboard we are try to the functionality that we have implemented in our nxp board is a speedometer the fuel tank indicator the RPM the left hand right indicator lights and then we have the volume control here and then different radio station being played we have also simulated the messages that will get transmitted so using the keyboard whenever we press some keys so that would simulate the message in terms of like for example if the if the driver is pressing on the accelerator button so we have simulated that using a key press so like for example if I press so if I keep pressing the keyboard button specific key button then the speed keeps increasing and the speed decreases I can switch on the indicator light switch it off so this is the simulation of a normal car a small simulation of the small part of the simulation of the normal car that we have done now there is another PC that is connected here and there is the Raspberry Pi this is the hacker issue that we have programmed and then the connection is made to the Raspberry Pi and Jay will explain here what he’s going to do with the hacking issue so this is the terminal treat SSH terminal that he has opened on the Raspberry Pi so we are logged in to the Raspberry Pi and then what he would the action that would be he would be doing is try to sniff the can message by using a condom all the messages that are being transmitted over on the canvas will be displayed on the condom and then we have already analyzed the code so he’ll be trying to send canned messages on top over the SSH connection from the Raspberry Pi to the NXP board if there we also have the CRC functions implemented without CRC it would give us a negative response code and then we have brute force as prevented mentioned previously so we had brute force using the different polynomial function to find out what is the exact polynomial function that has been used in the nxp board and once we get the right polynomial function using the different arbitration ID we try to have we have written a script which will try to send out the message periodically different important messages like for example in terms of speed it keeps changing so whatever value that that is being sent from the main issue main car is you from the witch which is a simulated version of the drivers input it will get masked using by the raspberry pi hat commands just a second we are trying to get into the Raspberry Pi SSH connection what is an arbitration ID okay well that’s it the kind message I have a message I also sense a CAD message and this is an identified interest by the application ID so this hit glutes ID of the receiver of the canned message and also has a priority information from the car message because the arbitration is a rule of the panel it sure would be what hacker would use this way to get into a car because as I understood it you have to get into the car to put the Raspberry Pi on right it’s a very good question it’s a very good question because this is a scenario that is not very known at large and the question is why I mean I need a physical access why would that happen that’s very typical because most of the vulnerabilities that we have seen in the past for example the vulnerability discovered by ad ACH without a TT vulnerability with an airbag disabling that happened in the garage so this is exempt this obd2 port is exactly for when you take the car to the garage for your service provider to plug in and update your software it turns out there was a malicious software in the PC of the other of the service provider and there were some malicious coordinates so it is very likely that you’ll be able to do that now it’s the second scenario imagine that you do not have any access but still this old boot obd2 for is very very vulnerable because what we’re do the development is going toward in this direction that you will be proud you can buy actually devices from the market that gives you a bluetooth connect connect ssin with your mobile device with it obd2 port and that’s it if you can somehow get into the obd2 port remotely the rest is what I’ll gonna showing here that’s why it’s very important but a good question here so you don’t always need the physical and access you can also do it by remote you can also do if there is a remote interface through the VD to port which is which will be the future you will be able to put a you know connect your mobile device with the we don’t really to port and then this is this is the rest of the mechanism is roughly the same yeah so do I don’t know hasn’t point so whatever Raspberry Pi unit that we are having here so we can just put make that as a hacker unit and then plug into the OBD port and then leave it in the car and we might just add a Wi-Fi module on top of that and then outside from outside anywhere you can just connect into the Wi-Fi network and then start hacking into that cars know let’s go as using it was not even a hack right it was it was okay it was more of creating kind of a message repeater which you know because normally that if the key fob is in the bedroom and the car is indicated editions is more normally this handshake doesn’t happen so they will create one more hardware device which is kind of a repeater so it will repeat the message amplify it so that it makes it feel to the kief of that okay to the car that key fob is near so that the handshake is happening but is not something physically connecting but as I said it’s not that always you have to connect and raspberrypi this something we are showing to a car in order to get into the canvas there are also other way like guys show in the set in the chrysler hack they firstly according to the infotainment then they were able to download the malicious firmware through which they are able to get into the canvas so that is also possible yeah okay well that is a very good question and I think this is this question is very minimal model trial into it to crack the CRC right it will depend this is this is this is something that will depend on the on the length of the of the message and a lot of things so the short answer is it’s possible with with a very simple PC it doesn’t take forever well I mean I am I tend not to give you an answer because this is a mathematical question if I don’t have the exact number I would so again it depends on the complexity of the crypto algorithm that you want to use so if you’re if you are having some messages which are not crypt to encrypted not all the messages are encrypted so if you are having some messages which are very much periodic and then not that critical then you can literally read out the message and then just send the same message analyzed which would take like half an hour and then send out the message if the algorithm is really complicated you try out a lot number of times and then one thing that you can do is take a lot of a huge amount of kanda and then not send to the on the network but just try it out different combination using the script saying that okay for this kind of input what would be my CRC and you have the calculated CRC on the messages of the received message itself so you try to calculate and then try to match with one message and then try repeating the same thing on the different messages once you make sure that you have you have a feeling of okay this might be the CRC then probably you can try it on the real car sorry for the delay we got the things back up so now I hope you can see the fun but if not it’s just trying to do a condom so these are the messages that are getting exchanged in the can they see you so if I say if I change any of this code so you can see different messages being exchanged here so using this sender can can message you can see that well it is CRC protected you can actually notice from here that it is here see protected but it is here see protected but once he tries to stand send the can message yeah so here is the negative response code that we got for that particular arbitration ID he tried to send it for phone at 7:00 and then we got 0 7 & FF that way that is the negative response code we got so that’s when he realizes that ok that is something wrong and then he tries to use the CRC function and then using that he has written a script which he’ll be running and this is the output when he runs the script he has found out analyzed and then found out the right CRC function which will not be showing here so the after getting the right CRC function he has written a script which will try sending different messages so if you see the fuel indicator is just going haywire just because of the script he is trying to send message every one second and whatever the mainly CEO does it does not matter at all in this meantime because that signal is getting masked directly from by the Hat DCU and this is the speed changes you so the speed and rpms are getting changed randomly even when the actual speed is different so this is a very major security threat because once the hacker gets access to these messages say for example the driver is driving the car on the on the highway so he tries to see this different speed actually the car now might not be going and at this speed but he’ll get a shock like that what is happening I’m right now I’m going at 250 speed and then suddenly changing back to 40 km/h so this is a very security threat consequence and also we have seen this being done on a real car we have we have taken a small car dump the condom from the real car and then we had analyzed based on that using that functionality we have coated a minimalistic set of functionalities on the small ECU so now Jay will be explaining he’ll be explaining about the future scope of the project so so right now we just implemented a minimalistic functionality and going forward we need to prove this concept on a larger scale so for that we need to try the UDS protocol maybe flash software if you are able to hack into the secure session will be able to control the firmware that is being written and also reverse engineer as you know the you know UDS is a standard protocol for the diagnostic functionality we have for Diagnostics we’re in a garage somebody can you know diagnose your vehicle for Falls and errors and so some of the major so there are different services many of which you can use to follow secure flash and if somebody is gaining access into the secure session using some of these ideas that you should see on the screen it’s also possible that you corrupt the firmware oh but as in many cases there is a check on the downloaded firmware before you start execution this problem that is also possibility that this is covered in the current safety mechanisms but what is not covered is when you try to read the memory by reading from particular address which in most cases can be guessed and here you have access to the form and you’ll be able to reverse-engineer firmware using some robust engineering tools like Deidre and this can be used to you know corrupt the software so the next are the other option would be to use let’s say not as a can stack where we can prove this concept by implementing the Seco C communication and try to hack in so this is stuff this is the plan going forward to prove this concept and to try to find out the vulnerabilities yeah so any questions thanks so in the beginning you were mentioning that you were basically forging these these messages to have wrong bits set in order for the I believe it was the sending entity to ultimately decide to switch off which of course assumes some kind of fault detection ultimately okay did you check or are you working with other dos attacks like targeted dos attacks that actually targets like counter drums counter overflows or any like flooding of the of the campus with way too much too many messages or any like electrical attacks electrical attacks well I mean in this within the scope of this project no I mean we have other customers that we work on different difference but we didn’t do scope of this project it has been like a set like that the concentration was to come up with a the proof of concept where we can hack an ECU replicate the the can messages and and yeah a minimalistic DDoS attack to answer your other part of the question flooding and have you ever considered much yeah so not here we’re actually working on a light project for a William where we have this cost consider this possibility considered already so there are safety mechanisms in place where you find that when canvas is being flooded and there is no possible response there are timeouts there are safety so so that’s something we did not consider here so we have already experienced is possibility in the live scenario okay and like minimalistic security features like these countries for example that prevent theoretically should replace so there are also possibilities that due to overloading of the ECU itself the can stack might skip a cycle and then we have the counters as you said where it checks the current counter – with the actual the past one and then see is that okay I’ve missed a bit and then depending on the criticality we have to go into a safe State or we have to notify the other the actual applications using this messages that there might be a possibility that you’re working on a older mrs. dan intended okay so so was getting into the the safe achieve what was it called fault secure failover state of the car was that actually also target instead of tossing the system forcing the car on a highway into the city of a local state yes next question what are possible approaches and fixing this issue with the canvas because in my opinion you have already lost if an attacker gains access to the can bus and are there currently any approaches and either fixing of this will really crypto or maybe replacing canvas with something completely else very good question you want to take it yes so one thing that is coming up in the a – or deserves tag is the crypto and the I am stack so in the I am identification identification and authentication management so one thing what we can do right now is maybe for each of the can message that has to go out or that comes in we make sure that each of the ECU has actually authenticated before saying that this has the permission to receive the can message itself not all the issues will receive the can message on the canvas so that would be one possible implementation that can be done with the I am in the crypt of autos our stack I mean you could make it here is the aerosol law it’s axiomatic if someone is some some human builds a system which should be you should be able to unbreak it this is this is for sure you can only make it more difficult so the only thing if there were a crypto on top of the scan messages if your leg encrypted it would have been much more difficult to brute-force CRC is not an encryption right I mean you can break it but if there’s an encryption it’s much harder it’s not impossible it’s just gonna be much harder it doesn’t take much to put it little crypto right maybe if I may add something here to have a bigger picture as well there are of course approaches like animal intrusion detection for cars so there’s interestingly in Israel there is a very vibrant adviser startup scene so they are like popping up like mushrooms security automotive companies and one of them was acquired by your company so yeah thanks for mentioning that yeah true so this is of course attractive for many car manufacturers that there’s such such a focus on that and in terms of additional or let’s say exchanging the bus systems as such there’s also one approach or having automotive Ethernet in the future with more bandwidth with more possibilities also to introduce security features and you need this bandwidth to have the support of future automotive architectures so there’s this idea of having more intelligent components in the car capable of more than only one easy unction ality so also this is of course kind of a trader a driver to have also introduced more security in the cars because then you have more storage and more computing power that we need also for the script remark well mark I’d only have a remark on that so what currently other manufacturers and OEMs are doing is that they do not encrypt their messages because in many cases you decide that you do not really care who knows what in a car but you rather go for signing and they do that by using H Mac and as a metric encryption efficiency of which is questionable but the problem is actually that if you do hashing well not hashing but macking for example the image the the messages explode in size and the problem with can is that standard can can only transmit 8 bytes and every byte in every bit within a byte is used differently and many of these systems so that is also a reason for automotive can because even if you decide that you do not want to encrypt which again adds size but only wants you hash or Mac it will explode your message lengths so talking about factors of like 9 times the message length and that is something that in many cases you cannot afford and that’s why as on the holistic approach we talked about we have to look at the entire vehicle architecture and we have kind of D we have flex rein now I I think the future Fisher is moving toward Ethernet so if there is no more question so I have I have a question to you because we with this project will be ongoing and what we what we see in the automotive industry today when we try to recruit we find IT security experts there very good idea security experts or very good automotive engineers so it’s really really difficult to find a blend you know who understands automotive engineering at the same time security so those of you who are interested in doing a master’s thesis internship or eventually working in such field we are actually hiring for this particular project so feel free we encourage you to get in touch even if you don’t want to work maybe you know join our workshops get involved and we will be welcome welcome you to have you on board yeah thank you so much and be and for the team though the panelists anything else to add in the end was very nice and also very interactive thank you so much yes yes thank you very much and I would like to add one word maybe a magic term trustworthiness transport so this is something that is very important in the automotive industry for the highly automated driving you need trust to get your the passengers trust the algorithms they use otherwise they won’t use it that’s our experience yeah so trust your car in tomorrow so enter your car without any worries there’s the probability in fact is not that high currently to get hacked so I would even say that it’s still kind of let’s say experimenting mode they’re proof of concepts there are academic hex of course they have impact but even if you look at the g-pack is what’s not the case that the week after the publishing the g-pack thousands of jeeps were just crashed no of course there is there is actually a reason for that the reason is I mean the internet the motivation of the Internet criminal industry is the focus is somewhere else easier more lucrative targets like ransomware yeah good for us yeah there will be a list of just a question of time that those will have those will become more and more security hard to get into and it’s just a question of type with the economic incentive people will get into your automotives and there’s not only economic incentive there can be political motivation there can be can be other motivations to hack into your car it’s not happening today is not because it’s not possible it’s just that there’s more money in somewhere else I don’t disagree I mean it’s just a question of time on the other hand if you are a manager and have to decide on budget you are calculating with risk and benefits and costs and as long as there’s let’s say not that criminal energy behind it maybe besides the key fob thing but even in that case the calculation is like okay what does a new introduction of brand new key fob third but what does it cost me and what does it cost me if a hundred cars per year are stolen what do you enable insurance pays and those guys distributed to all of us so there’s not really let’s say pressure currently but I agree that is this will change that that’s what I want to say that okay currently may be academic proof of concepts but this will of course change as we have seen it in other domains in the past well at the end I mean as of course Automotive security sounds very attractive is the end I’d sale insurances it’s kind of like you know like a deja vu coming in or a motive industry the policy enforcement point policy decision point the session management in Identity and Access Management that we talked about ten years ago now adaptive also has a component for it because there is no way you will be able to deal with complexities like car to car or car loan excommunication without having a a proper identity management system okay not to open the next box I think this was supposed to be the closing word so I think if we start Identity Management I think we will go on but again thank you so much for joining yeah and let’s mean let’s be in contact we will you fury for if you’re not yet the group member please you know subscribe to the group because we’ll be announcing more advance and please join us I make sure you have topics that you’re interested in you can also shared with us the email absolutely absolutely always open thank you so much the matrix team and mark thank you thank you so much for organizing it and the panelists thank you thank you thank you in this podcast show we bring in the industry leaders and experts in the automotive domain to share their experiences along their journey the mission of our podcast is to start a dialogue that will allow us to understand the development of automotive industry and where the automotive industry is going you can ask questions to our guests directly just send us an email to podcast at matrix de we’ll schedule a call with you during the recording and you’ll be part of our show make sure you subscribe so that you’ll miss any new episodes please share this video to help others get enlightened as well and that would mean a great deal to us see you in the next episode [Music]

Related Posts

Keyless Door Lock Reviews | Gate lock ideas | Elemake Keyless Deadbolt Installation

Leave a Reply

Your email address will not be published. Required fields are marked *