The introduction of Information and Communications Technologies (ICT) systems into vehicles make them more prone to cyber-security attacks. Such attacks may impact on vehicles capability and, consequently, on the safety of drivers, passengers. Indeed, the strong integration between dedicated ICT devices, the physical environment, and the networking infrastructure, leads to consider modern vehicles as Cyber-Physical Systems.
This workshop aims at providing a forum for researchers and engineers in academia and industry to foster an exchange of research results, experiences, and products in the automotive domain from both a theoretical and practical perspective.
Its ultimate goal is to envision new trends and ideas about aspects of designing, implementing, and evaluating innovative solutions for the Cyber-Physical Systems with a particular focus on the new generation of vehicles.
Indeed, the automotive domain presents several challenges in the fields of vehicular network, Internet of Things, Privacy, as well as, Safety and Security methods and approaches.
The workshop aims at presenting the advancement on the state of art in these fields and spreading their adoption in several scenarios involving main stockholders of the automotive domain.
The list of topics includes (but it is not limited to):
Architecture, design, and implementation of safe and secure Cyber-Physical Systems
Automated Vehicular Technologies
Vehicular Communications and Networks
In-Vehicle communication protocols
User-friendly authoring tools to edit privacy preferences
Technical infrastructures for privacy and security policies management
User-to-Vehicle interactions and communications
Software Process Development in Automotive systems
Security threats and vulnerabilities of Cyber-Physical Systems
Safety and Security Trade-off and Convergences
Cooperative/collaborative vehicular systems;
Cyber-security solutions for connected and autonomous vehicles
Privacy of vehicular data
Driver behaviour characterization
Standardization and Interoperability
Welcome domains of application are (but may not limited to):
The member of the Sowhat R&D group are happy to present CANDY CREAM.
Demo. CANDY CREAM: haCking infotAiNment AnDroid sYstems to Command instRument clustEr via cAn data fraMe.
Description. CANDY CREAM is an exploit that works on an Android In-Vehicle Infotainment (IVI) system connected to the CAN bus of a car.
CANDY CREAM first exploits a found vulnerability to remotely access the Android infotainment system. The exploit is then injected in the Infotainment system to attack the instrument cluster of the car. In particular, it performs the following actions against an instrument cluster:
Send random CAN data frames to activate the odometer;
Submitted papers must be written in English and must contain results that have not previously
published nor concurrently submitted to a journal or conference with published proceedings. Any partial overlap with any
published or concurrently submitted paper must be clearly indicated. Submissions, as pdf files, are limited to 12 pages. The
selection of accepted contributions will be based on peer-review by the PC. Accepted papers will be published by Springer
in “Lecture Notes in Computer Science” volume.
Papers must be submitted electronically through EasyChair at https://easychair.org/conferences/?conf=strive2019.
It is required that each accepted paper be presented at the workshop by one of its authors.