Security Cracks at the Summit: Rethinking OTA Updates скачать в хорошем качестве

Security Cracks at the Summit: Rethinking OTA Updates

As connected cars continue to evolve, their attack surfaces are expanding rapidly. One of the most critical vectors is the In-Vehicle Infotainment (IVI) system, which connects the vehicle to external networks. While such connectivity enhances user experience, it also introduces serious security risks. But how well do we truly understand these systems—and are we evaluating them from an attacker's perspective? In this presentation, we examine a real-world IVI system developed by Alpine. Focusing on key services that form the attack surface, we take a deep dive into how these components operate and where they break. In particular, we analyze the Over-the-Air (OTA) update mechanism and uncover vulnerabilitie within its process. Through this case study, we aim to highlight often-overlooked risks in automotive software and provide insights into how IVI systems can be effectively targeted and better secured.