BROADCASTING YOUR ATTACK: SECURITY TESTING DAB RADIO IN CARS presented at Ruxcon 2015

by Andy Davis,

Summary : Digital Audio Broadcasting (DAB) radio receivers can be found in many new cars and are in most cases integrated into an IVI (In-Vehicle Infotainment) system, which is connected to other vehicle modules via the CAN bus. Therefore, any vulnerabilities discovered in the DAB radio stack code could potentially result in an attacker exploiting the IVI system and pivoting their attacks toward more cyber-physical modules such as those concerned with steering or braking. This talk will discuss the complex protocol capabilities of DAB and DAB+ and describe the potential areas where security vulnerabilities in different implementations may exist. I will discuss the use of Software Defined Radio in conjunction with open source DAB transmission software to develop our security testing tool (DABble). Finally I will talk about some of our findings, the implications of exploiting DAB-based vulnerabilities via a broadcast radio medium and what this could mean for the automotive world.