{"id":7407,"date":"2018-11-26T13:41:31","date_gmt":"2018-11-26T12:41:31","guid":{"rendered":"https:\/\/www.uni.lu\/fr\/events\/srm-research-seminar-authentic-execution-for-automotive-control-networks\/"},"modified":"2018-11-26T13:41:31","modified_gmt":"2018-11-26T12:41:31","slug":"srm-research-seminar-authentic-execution-for-automotive-control-networks","status":"publish","type":"events","link":"https:\/\/www.uni.lu\/fr\/events\/srm-research-seminar-authentic-execution-for-automotive-control-networks\/","title":{"rendered":"SRM Research Seminar &#8211; Authentic Execution for Automotive Control Networks"},"content":{"rendered":"<section class=\"wp-block-unilux-blocks-free-section section\"><div class=\"container xl:max-w-screen-xl\"><p>Vehicular communication networks, specifically CAN, have been subject to a growing number of attacks that put the safety of passengers at risk. This results in both lawsuits and manufacturers recalling millions of vehicles. Recent standardisation efforts, i.e. AUTOSAR, suggest message authentication to protect CAN from network-level attackers. Yet, (1) current cars do not implement authentication and (2) established attack schemes suggest that we must consider stronger attackers with code execution abilities on critical control units.<\/p><p>In this talk I will present VulCAN, a generic solution to provide efficient and standard compliant message authentication and software component attestation in automotive control networks. VulCAN builds upon the idea of \u00ab\u00a0authentic execution\u00a0\u00bb, which utilises trusted computing primitives to provide a notion of end-to-end security for distributed applications on shared heterogeneous infrastructures. Authentic execution guarantees authenticity and integrity, and the secure control of I\/O devices by mutually authenticated distributed application modules. In the context of vehicular control networks, this combination results in strong security guarantees that go beyond the standardised requirements. In particular, we protect against network attackers but also against substantially stronger adversaries capable of arbitrary code execution on electronic control units. We have implemented VulCAN on top of Sancus, a lightweight open-source trusted computing platform that we develop to secure critical applications in embedded control systems and the IoT. I will discuss the limitations and open research questions for the approach.<\/p><p><strong>Jan Tobias Muehlberg<\/strong> works as a research manager at imec-DistriNet, KU Leuven (BE). He is active in the fields of software security, formal verification and validation of software systems, specifically for embedded systems and low-level operating system components. Tobias is particularly interested in security architectures for safety-critical embedded systems and for the Internet of Things.<\/p><p>Before joining KU Leuven, Tobias worked as a researcher at the University of Bamberg (DE), obtained a Ph.D. from the University of York (UK) and worked as a researcher at the University of Applied Sciences in Brandenburg (DE), where he also acquired his Masters degree.<\/p><p><strong>The\u00a0SRM seminars\u00a0are the joint seminars of the Security and Trust of Software Systems and Applied Security and Information Assurance research groups, supported by the Laboratory of Algorithmics, Cryptology and Security and the Interdisciplinary Centre for Security, Reliability and Trust.<\/strong><\/p><\/div><\/section>","protected":false},"excerpt":{"rendered":"<p>Vehicular communication networks, specifically CAN, have been subject to a growing number of attacks that put the safety of passengers at risk. This results in both lawsuits and manufacturers recalling millions of vehicles. Recent standardisation efforts, i.e. AUTOSAR, suggest message authentication to protect CAN from network-level attackers. Yet, (1) current cars do not implement authentication and (2) established attack schemes suggest that we must consider stronger attackers with code execution abilities on critical control units.<\/p>\n","protected":false},"author":0,"featured_media":7408,"parent":0,"menu_order":0,"comment_status":"open","ping_status":"closed","template":"","format":"standard","meta":{"featured_image_focal_point":[],"show_featured_caption":false,"ulux_newsletter_groups":"","uluxPostTitle":"","uluxPrePostTitle":"","_trash_the_other_posts":false,"_price":"","_stock":"","_tribe_ticket_header":"","_tribe_default_ticket_provider":"","_tribe_ticket_capacity":"0","_ticket_start_date":"","_ticket_end_date":"","_tribe_ticket_show_description":"","_tribe_ticket_show_not_going":false,"_tribe_ticket_use_global_stock":"","_tribe_ticket_global_stock_level":"","_global_stock_mode":"","_global_stock_cap":"","_tribe_rsvp_for_event":"","_tribe_ticket_going_count":"","_tribe_ticket_not_going_count":"","_tribe_tickets_list":"[]","_tribe_ticket_has_attendee_info_fields":false,"event_start_date":"2018-12-12 10:30:00","event_end_date":"2018-12-12 11:30:00","event_speaker_name":"Jan Tobias Muehlberg, imec-DistriNet, KU Leuven, Belgium","event_speaker_link":"","event_is_online":false,"event_location":"Room 3.370, Maison du Savoir,\r\nBelval Campus, 2, avenue de l'Universit\u00e9,\r\nL-4365 Esch-sur-Alzette","event_street":"","event_location_link":"","event_zip_code":"","event_city":"","event_country":"LU"},"events-topic":[],"events-type":[],"organisation":[184,226],"authorship":[],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.3 (Yoast SEO v22.3) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>SRM Research Seminar - Authentic Execution for Automotive Control Networks - Universit\u00e9 du Luxembourg<\/title>\n<meta name=\"description\" content=\"Vehicular communication networks, specifically CAN, have been subject to a growing number of attacks that put the safety of passengers at risk. This results in both lawsuits and manufacturers recalling millions of vehicles. Recent standardisation efforts, i.e. AUTOSAR, suggest message authentication to protect CAN from network-level attackers. Yet, (1) current cars do not implement authentication and (2) established attack schemes suggest that we must consider stronger attackers with code execution abilities on critical control units.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.uni.lu\/fr\/events\/srm-research-seminar-authentic-execution-for-automotive-control-networks\/\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SRM Research Seminar - Authentic Execution for Automotive Control Networks\" \/>\n<meta property=\"og:description\" content=\"Vehicular communication networks, specifically CAN, have been subject to a growing number of attacks that put the safety of passengers at risk. This results in both lawsuits and manufacturers recalling millions of vehicles. Recent standardisation efforts, i.e. AUTOSAR, suggest message authentication to protect CAN from network-level attackers. Yet, (1) current cars do not implement authentication and (2) established attack schemes suggest that we must consider stronger attackers with code execution abilities on critical control units.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.uni.lu\/fr\/events\/srm-research-seminar-authentic-execution-for-automotive-control-networks\/\" \/>\n<meta property=\"og:site_name\" content=\"UNI FR\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/uni.lu\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/11\/2026\/03\/03120045\/UNIV_SM-Profile_1600x1600px-scaled.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"2560\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.uni.lu\/fr\/events\/srm-research-seminar-authentic-execution-for-automotive-control-networks\/\",\"url\":\"https:\/\/www.uni.lu\/fr\/events\/srm-research-seminar-authentic-execution-for-automotive-control-networks\/\",\"name\":\"SRM Research Seminar - Authentic Execution for Automotive Control Networks - Universit\u00e9 du Luxembourg\",\"isPartOf\":{\"@id\":\"https:\/\/www.uni.lu\/fr\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.uni.lu\/fr\/events\/srm-research-seminar-authentic-execution-for-automotive-control-networks\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.uni.lu\/fr\/events\/srm-research-seminar-authentic-execution-for-automotive-control-networks\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/11\/2018\/11\/srm_research_seminar_authentic_execution_for_automotive_control_networks.jpg\",\"datePublished\":\"2018-11-26T12:41:31+00:00\",\"dateModified\":\"2018-11-26T12:41:31+00:00\",\"description\":\"Vehicular communication networks, specifically CAN, have been subject to a growing number of attacks that put the safety of passengers at risk. This results in both lawsuits and manufacturers recalling millions of vehicles. Recent standardisation efforts, i.e. AUTOSAR, suggest message authentication to protect CAN from network-level attackers. Yet, (1) current cars do not implement authentication and (2) established attack schemes suggest that we must consider stronger attackers with code execution abilities on critical control units.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.uni.lu\/fr\/events\/srm-research-seminar-authentic-execution-for-automotive-control-networks\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.uni.lu\/fr\/events\/srm-research-seminar-authentic-execution-for-automotive-control-networks\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/www.uni.lu\/fr\/events\/srm-research-seminar-authentic-execution-for-automotive-control-networks\/#primaryimage\",\"url\":\"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/11\/2018\/11\/srm_research_seminar_authentic_execution_for_automotive_control_networks.jpg\",\"contentUrl\":\"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/11\/2018\/11\/srm_research_seminar_authentic_execution_for_automotive_control_networks.jpg\",\"width\":800,\"height\":600},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.uni.lu\/fr\/events\/srm-research-seminar-authentic-execution-for-automotive-control-networks\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.uni.lu\/fr\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Events\",\"item\":\"https:\/\/www.uni.lu\/fr\/events\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"SRM Research Seminar - Authentic Execution for Automotive Control Networks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.uni.lu\/fr\/#website\",\"url\":\"https:\/\/www.uni.lu\/fr\/\",\"name\":\"Uni.lu\",\"description\":\"Universit\u00e9 du Luxembourg\",\"publisher\":{\"@id\":\"https:\/\/www.uni.lu\/fr\/#organization\"},\"alternateName\":\"Universit\u00e9 du Luxembourg\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.uni.lu\/fr\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.uni.lu\/fr\/#organization\",\"name\":\"Universit\u00e9 du Luxembourg\",\"alternateName\":\"Uni.lu\",\"url\":\"https:\/\/www.uni.lu\/fr\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/www.uni.lu\/fr\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/11\/2026\/03\/03120045\/UNIV_SM-Profile_1600x1600px-scaled.jpg\",\"contentUrl\":\"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/11\/2026\/03\/03120045\/UNIV_SM-Profile_1600x1600px-scaled.jpg\",\"width\":2560,\"height\":2560,\"caption\":\"Universit\u00e9 du Luxembourg\"},\"image\":{\"@id\":\"https:\/\/www.uni.lu\/fr\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/uni.lu\",\"https:\/\/www.linkedin.com\/school\/university-of-luxembourg\/\",\"https:\/\/www.instagram.com\/uni.lu\",\"https:\/\/www.youtube.com\/@uni_lu\",\"https:\/\/en.wikipedia.org\/wiki\/University_of_Luxembourg\"]}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"SRM Research Seminar - Authentic Execution for Automotive Control Networks - Universit\u00e9 du Luxembourg","description":"Vehicular communication networks, specifically CAN, have been subject to a growing number of attacks that put the safety of passengers at risk. This results in both lawsuits and manufacturers recalling millions of vehicles. Recent standardisation efforts, i.e. AUTOSAR, suggest message authentication to protect CAN from network-level attackers. Yet, (1) current cars do not implement authentication and (2) established attack schemes suggest that we must consider stronger attackers with code execution abilities on critical control units.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.uni.lu\/fr\/events\/srm-research-seminar-authentic-execution-for-automotive-control-networks\/","og_locale":"fr_FR","og_type":"article","og_title":"SRM Research Seminar - Authentic Execution for Automotive Control Networks","og_description":"Vehicular communication networks, specifically CAN, have been subject to a growing number of attacks that put the safety of passengers at risk. This results in both lawsuits and manufacturers recalling millions of vehicles. Recent standardisation efforts, i.e. AUTOSAR, suggest message authentication to protect CAN from network-level attackers. Yet, (1) current cars do not implement authentication and (2) established attack schemes suggest that we must consider stronger attackers with code execution abilities on critical control units.","og_url":"https:\/\/www.uni.lu\/fr\/events\/srm-research-seminar-authentic-execution-for-automotive-control-networks\/","og_site_name":"UNI FR","article_publisher":"https:\/\/www.facebook.com\/uni.lu","og_image":[{"width":2560,"height":2560,"url":"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/11\/2026\/03\/03120045\/UNIV_SM-Profile_1600x1600px-scaled.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_misc":{"Dur\u00e9e de lecture estim\u00e9e":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.uni.lu\/fr\/events\/srm-research-seminar-authentic-execution-for-automotive-control-networks\/","url":"https:\/\/www.uni.lu\/fr\/events\/srm-research-seminar-authentic-execution-for-automotive-control-networks\/","name":"SRM Research Seminar - Authentic Execution for Automotive Control Networks - Universit\u00e9 du Luxembourg","isPartOf":{"@id":"https:\/\/www.uni.lu\/fr\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.uni.lu\/fr\/events\/srm-research-seminar-authentic-execution-for-automotive-control-networks\/#primaryimage"},"image":{"@id":"https:\/\/www.uni.lu\/fr\/events\/srm-research-seminar-authentic-execution-for-automotive-control-networks\/#primaryimage"},"thumbnailUrl":"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/11\/2018\/11\/srm_research_seminar_authentic_execution_for_automotive_control_networks.jpg","datePublished":"2018-11-26T12:41:31+00:00","dateModified":"2018-11-26T12:41:31+00:00","description":"Vehicular communication networks, specifically CAN, have been subject to a growing number of attacks that put the safety of passengers at risk. This results in both lawsuits and manufacturers recalling millions of vehicles. Recent standardisation efforts, i.e. AUTOSAR, suggest message authentication to protect CAN from network-level attackers. Yet, (1) current cars do not implement authentication and (2) established attack schemes suggest that we must consider stronger attackers with code execution abilities on critical control units.","breadcrumb":{"@id":"https:\/\/www.uni.lu\/fr\/events\/srm-research-seminar-authentic-execution-for-automotive-control-networks\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.uni.lu\/fr\/events\/srm-research-seminar-authentic-execution-for-automotive-control-networks\/"]}]},{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/www.uni.lu\/fr\/events\/srm-research-seminar-authentic-execution-for-automotive-control-networks\/#primaryimage","url":"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/11\/2018\/11\/srm_research_seminar_authentic_execution_for_automotive_control_networks.jpg","contentUrl":"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/11\/2018\/11\/srm_research_seminar_authentic_execution_for_automotive_control_networks.jpg","width":800,"height":600},{"@type":"BreadcrumbList","@id":"https:\/\/www.uni.lu\/fr\/events\/srm-research-seminar-authentic-execution-for-automotive-control-networks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.uni.lu\/fr\/"},{"@type":"ListItem","position":2,"name":"Events","item":"https:\/\/www.uni.lu\/fr\/events\/"},{"@type":"ListItem","position":3,"name":"SRM Research Seminar - Authentic Execution for Automotive Control Networks"}]},{"@type":"WebSite","@id":"https:\/\/www.uni.lu\/fr\/#website","url":"https:\/\/www.uni.lu\/fr\/","name":"Uni.lu","description":"Universit\u00e9 du Luxembourg","publisher":{"@id":"https:\/\/www.uni.lu\/fr\/#organization"},"alternateName":"Universit\u00e9 du Luxembourg","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.uni.lu\/fr\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"fr-FR"},{"@type":"Organization","@id":"https:\/\/www.uni.lu\/fr\/#organization","name":"Universit\u00e9 du Luxembourg","alternateName":"Uni.lu","url":"https:\/\/www.uni.lu\/fr\/","logo":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/www.uni.lu\/fr\/#\/schema\/logo\/image\/","url":"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/11\/2026\/03\/03120045\/UNIV_SM-Profile_1600x1600px-scaled.jpg","contentUrl":"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/11\/2026\/03\/03120045\/UNIV_SM-Profile_1600x1600px-scaled.jpg","width":2560,"height":2560,"caption":"Universit\u00e9 du Luxembourg"},"image":{"@id":"https:\/\/www.uni.lu\/fr\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/uni.lu","https:\/\/www.linkedin.com\/school\/university-of-luxembourg\/","https:\/\/www.instagram.com\/uni.lu","https:\/\/www.youtube.com\/@uni_lu","https:\/\/en.wikipedia.org\/wiki\/University_of_Luxembourg"]}]}},"_links":{"self":[{"href":"https:\/\/www.uni.lu\/fr\/wp-json\/wp\/v2\/events\/7407"}],"collection":[{"href":"https:\/\/www.uni.lu\/fr\/wp-json\/wp\/v2\/events"}],"about":[{"href":"https:\/\/www.uni.lu\/fr\/wp-json\/wp\/v2\/types\/events"}],"replies":[{"embeddable":true,"href":"https:\/\/www.uni.lu\/fr\/wp-json\/wp\/v2\/comments?post=7407"}],"version-history":[{"count":0,"href":"https:\/\/www.uni.lu\/fr\/wp-json\/wp\/v2\/events\/7407\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.uni.lu\/fr\/wp-json\/wp\/v2\/media\/7408"}],"wp:attachment":[{"href":"https:\/\/www.uni.lu\/fr\/wp-json\/wp\/v2\/media?parent=7407"}],"wp:term":[{"taxonomy":"events-topic","embeddable":true,"href":"https:\/\/www.uni.lu\/fr\/wp-json\/wp\/v2\/events-topic?post=7407"},{"taxonomy":"events-type","embeddable":true,"href":"https:\/\/www.uni.lu\/fr\/wp-json\/wp\/v2\/events-type?post=7407"},{"taxonomy":"organisation","embeddable":true,"href":"https:\/\/www.uni.lu\/fr\/wp-json\/wp\/v2\/organisation?post=7407"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}