Reinhard Kugler

A Hitchhikers Guide to Container Security - Automotive Edition 2024

Could a single container hack change your car's instrument cluster in real-time? Learn how eBPF provides kernel-level defense for the next generation of software-defined vehicles.

A Hitchhikers Guide to Container Security - Automotive Edition 2024
#1about 2 minutes

Recalling a famous remote car hack from 2015

A historical remote car hack demonstrates how attackers gained control over vehicle functions by pivoting from the infotainment system.

#2about 4 minutes

Shifting from distributed ECUs to centralized computers

The automotive industry is moving from a complex network of individual electronic control units (ECUs) to centralized high-performance computers (HPCs) to simplify updates and maintenance.

#3about 6 minutes

Running containers with access to vehicle electronics

A live demonstration shows how a containerized application can directly access and manipulate a car's internal network to control components like the instrument cluster.

#4about 5 minutes

Using eBPF to observe and secure container networking

eBPF programs can be attached to the Linux kernel to observe and filter a container's network traffic at a low level without requiring a sidecar.

#5about 2 minutes

Securing hardware update channels with eBPF policies

eBPF can trace and block unauthorized write operations to hardware interfaces like the SPI bus, preventing malicious firmware flashing from a compromised container.

#6about 2 minutes

Understanding the offensive potential of eBPF rootkits

eBPF is a dual-use technology that can also be used to create stealthy, in-memory rootkits capable of modifying network packets on the fly.

Related jobs
Jobs that call for the skills explored in this talk.

Matching moments

Technical challenges of shipping a cross-platform browser
09:38 MIN

Technical challenges of shipping a cross-platform browser

Developer Time Is Valuable - Use the Right Tools - Kilian Valkhof

Malware campaigns, cloud latency, and government IT theft
01:06 MIN

Malware campaigns, cloud latency, and government IT theft

Fake or News: Self-Driving Cars on Subscription, Crypto Attacks Rising and Working While You Sleep - Théodore Lefèvre

Comparing the security models of browsers and native apps
05:01 MIN

Comparing the security models of browsers and native apps

Developer Time Is Valuable - Use the Right Tools - Kilian Valkhof

Prompt injection as an unsolved AI security problem
07:39 MIN

Prompt injection as an unsolved AI security problem

AI in the Open and in Browsers - Tarek Ziadé

The security challenges of building AI browser agents
06:33 MIN

The security challenges of building AI browser agents

AI in the Open and in Browsers - Tarek Ziadé

Crypto crime, EU regulation, and working while you sleep
01:15 MIN

Crypto crime, EU regulation, and working while you sleep

Fake or News: Self-Driving Cars on Subscription, Crypto Attacks Rising and Working While You Sleep - Théodore Lefèvre

Using AI to overcome challenges in systems programming
02:49 MIN

Using AI to overcome challenges in systems programming

AI in the Open and in Browsers - Tarek Ziadé

Ensuring accurate testing across different browsers and devices
07:12 MIN

Ensuring accurate testing across different browsers and devices

Developer Time Is Valuable - Use the Right Tools - Kilian Valkhof

Featured Partners

Related Videos

See all videos
Cybersecurity for Software Defined Vehicles22:09

Cybersecurity for Software Defined Vehicles

Henning Harbs

Automotive Security Challenges: A Supplier's View58:59

Automotive Security Challenges: A Supplier's View

Davor Frkat

A solution to embed container technologies into automotive environments30:33

A solution to embed container technologies into automotive environments

Falk Langer & Lukas Stahlbock

The best of two worlds - Bringing enterprise-grade Linux to the vehicle41:03

The best of two worlds - Bringing enterprise-grade Linux to the vehicle

Joachim Werner

Cyber Security: Small, and Large!37:32

Cyber Security: Small, and Large!

Martin Schmiedecker

Turning Container security up to 11 with Capabilities28:47

Turning Container security up to 11 with Capabilities

Mathias Tausig

Car's are Technology on Wheels - Impact of Software and IT Competence in Automotive21:47

Car's are Technology on Wheels - Impact of Software and IT Competence in Automotive

Rahima Yakoob

On developing smartphones on wheels1:51:43

On developing smartphones on wheels

Hans-Jürgen Eidler

Related Articles

View all articles
DC
Daniel Cranney
How software is steering vehicle technology
The automotive industry is entering a transformative era, and developers have a unique opportunity to be part of it. Cars are no longer just mechanical machines; they’re sophisticated tech platforms with software at their core. This shift, defined by...
How software is steering vehicle technology
CH
Chris Heilmann
Dev Digest 138 - Are you secure about this?
Hello there! This is the 2nd "out of the can" edition of 3 as I am on vacation in Greece eating lovely things on the beach. So, fewer news, but lots of great resources. Many around the topic of security. Enjoy! News and ArticlesGoogle Pixel phones t...
Dev Digest 138 - Are you secure about this?

From learning to earning

Jobs that call for the skills explored in this talk.