ScapyCon 24 - Insights Into Vehicle Attack Vectors - Jan-Peter von Hunnius

This talk gives an insight into the current state of vehicle security, highlights infamous hacks and shows where vulnerabilities still exist.

About dissecto: Founded in 2022, by the maintainers and primary contributors to “Automotive Scapy“, a widely embraced packet manipulation tool in the automotive industry, dissecto specializes in simplifying cybersecurity testing for embedded systems. Our flagship product, dissecto HydraVision, is an automated security test environment for electrical control units (ECUs), that detects and reports vulnerabilities. Alongside, we provide security training, pentesting and advanced hardware solutions like the dissecto HydraLink interface. Find out more: www.dissecto.com

About ScapyCon: ScapyCon Automotive 2024 was a two-day event focused on network packet manipulation, attracting 75 participants. Held on September 18-19 at Techbase Regensburg, it featured 10 expert speakers and 3 hands-on workshops, covering applications from automotive to IoT and aviation. Attendees explored advanced capabilities of Scapy, the premier Python tool for packet manipulation.

About HydraVision: HydraVision is a platform as a service that enables automated security testing over the entire lifecycle of an ECU and ensures compliance with the latest industry-specific guidelines and standards such as UNECE R155 and ISO 21434. With our intelligent security test environment, manufacturers and suppliers can not only easily comply with the new directives and standards, but also carry out practical cybersecurity tests on their products – automatically and remotely. We proactively develop test cases for new threats (CVEs) reported by developers, dissecto Research or third parties such as Auto-ISAC or ASRG. This allows attack vectors against your system to be verified and validated in a timely manner. In addition, you gain full control and transparency over all components of the platform in order to review and audit them and to design your work process as individually as possible. Learn more: https://dissec.to/dissecto-hydravision/