This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Front Range OWASP Conference 2013/Sessions/Sess3 Tech1

Jump to: navigation, search

Angry Cars: Hacking the "Car as Platform"

Renault announced "what it describes as a 'tablet,' an integrated Android device built into its next range of cars, effectively opening the way to the car-as-a-platform. The car is becoming a new platform. We need developers to work on apps." Not to be left behind Ford has introduced the OpenXC platform, which it sees as a channel for collaboration between Ford and 3rd party application developers.

What role will security play in shaping this newly emerging technology, when your car can tweet it needs an oil change? Cars rely heavily on small embedded microprocessors running on a network that was never designed to be secure. This talk will look at the current technologies used CAN bus, OBDII, and tire pressure monitoring systems and demonstrate their inherent weaknesses. What should be considered in the future when most cars will be connected to the Internet?

Slides Video

Aaron Weaver

Aaron Weaver is Principal Security Analyst at Pearson Education, the leading learning and publishing company. He has played various roles including software developer, system engineer, embedded developer to IT security. He also leads OWASP Philadelphia. Experience includes mobile security, web application security, penetration testing and embedded development. Aaron has also worked on developer and QA awareness to increase security in the software development lifecycle and has held numerous training sessions.

Aaron has spoken at regional chapter events including OWASP, Infragard, ISSA, Cloud Security Alliance, Philadelphia Secure World and ISACA.

When he has time Aaron likes to make sawdust in his workshop.

Aaron Weaver