Andrew Banks [LDRA]

Security and the connected car: application code matters

11:45 – 12:25 and 16:00 – 16:40 (subject to change)

In this talk, I propose that the threat of automotive cyberattack requires a multi-faceted, multi-level ‘Swiss cheese’ defence, and that the compromising of various vehicles has helped to advance thinking in this area. I will discuss how approaches such as the separation of the multiple domains on automotive communications infrastructure are logically complemented by the security-conscious development of the applications themselves. And I will describe how many of the tools and techniques established for the development of high-criticality applications lend themselves admirably to the quest to provide an outstanding level of robustness and integrity to maximize the security of the connected car. Submersed in domain separation, secure middleware, threat modeling and key management? Don’t forget that code quality matters too!

Andrew Banks is a field applications engineer at LDRA with over 25 years’ experience of high-integrity real-time/embedded software development. A Chartered Fellow of the British Computer Society, he graduated from the University of Lancaster in 1989, and has spent most of his career within the aerospace, defence and automotive sectors. He has been involved with Misra since 2007 and chairman of the Misra C Working Group since early 2013. He is the chairman of the BSI ‘Software Testing’ Working Group and an active participant of other BSI, Iso, IET and SCSC work, including the recent revision of Iso 26262.