Broadcasting Your Attack: Security Testing DAB Radio in Cars

Black Hat USA 2015

Presented by: Andy Davis
Date: Thursday August 06, 2015
Time: 14:30 - 15:20
Location: South Seas ABE

Digital Audio Broadcasting (DAB) radio receivers can be found in many new cars and are in most cases integrated into an IVI (In-Vehicle Infotainment) system, which is connected to other vehicle modules via the CAN bus. Therefore, any vulnerabilities discovered in the DAB radio stack code could potentially result in an attacker exploiting the IVI system and pivoting their attacks toward more cyber-physical modules such as those concerned with steering or braking. This talk will discuss the complex protocol capabilities of DAB and DAB+ and describe the potential areas where security vulnerabilities in different implementations may exist. I will discuss the use of Software Defined Radio in conjunction with open source DAB transmission software to develop our security testing tool (DABble). Finally, I will talk about some of our findings, the implications of exploiting DAB-based vulnerabilities via a broadcast radio medium, and what this could mean for the automotive world.

Andy Davis

Andy Davis is Research Director at NCC Group. He has worked in the Information Security industry for over 20 years, performing a range of security functions throughout his career. Prior to joining NCC Group, Andy held the positions of Head of Security Research at KPMG, UK and Chief Research Officer at IRM Plc. Before working in the private sector, he worked for ten years performing various roles in government. Recently, Andy has been leading security research projects into technologies such as embedded systems and hardware interface technologies and developing new techniques for software vulnerability discovery. Andy regularly presents at conferences such as Black Hat, CanSecWest, Infiltrate, and EUSecWest.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats