Students, Professionals Work to Further Cybersecurity at CyberAuto Challenge
The 2016 SAE Battelle CyberAuto Challenge, held July 25-29 at Macomb Community College in Warren, MI, assembled teams of high school and college students and professionals to work on real cars to find real answers to cybersecurity challenges. Participating professionals in the hands-on practicum and workshop included automotive engineers, government engineers, and ethical "white hat" researchers.
Thirty-four students from around the globe, including students from Germany, Japan, and Canada were selected to participate in this year's challenge. The event enables industry professionals to benefit from the fresh perspectives offered by high-performing high school/college students. In turn, students gain exposure to industry experts and hands-on learning.
"I had not had an interest in cybersecurity until I was introduced to CAN bus and this whole concept of the messaging on automobiles and how to protect it," said Hayden Allen, a junior mechanical engineering student at the University of Tulsa. "Now that I've gotten into it and I've started working alongside some of the innovative people, I really do have an interest in it and would like to pursue this as a field."
Allen was introduced to the challenge at the University of Tulsa because of his work as head research assistant for associate professor of mechanical engineering Jeremy Daily, Ph.D. Allen had been conducting research on the SAE J1939 standard for the heavy truck industry. Daily and his team recently presented a paper
at the SAE 2016 Commercial Vehicle Engineering Congress related to their development of a cybersecurity test bed for the heavy truck industry.
"We've been developing tools to help read the messages that are going across the CAN bus to essentially create a ‘logger' to understand the messages that are actually active and the messages that don't happen as much and trying to compile a large database from that information as well as pieces of hardware that could be used, for demonstration purposes only, to spoof messages or make things do what they're not supposed to," Allen said.
This year, the challenge featured a series of classroom lessons, strategy sessions, impromptu discussions, and hands-on activities. Topics included wireless attacks, CAN bus, secure coding, hardware, SocketCAN, and forensics, as well as legal and ethical issues. The confidential, interactive environment fostered collaboration and creativity among different cross-sectors of the automotive, academia, and cybersecurity industries.
"The aspect of what I really enjoyed the most was the fact that, of course, everyone's going to have different understandings and different skills and strengths," Allen said. "It was pretty great to see the spread of people who actually understood "J" standards when it comes to the CAN bus vs. people who had never heard of it before and were diving into it and seeing how ready to work everyone was and excited."