Ops! It is JTAG's Fault: Journey to Unlocking Automotive Grade IC
Unknown
Black Hat USA 2024 · Day 1 · Briefing
This talk delves into the critical security challenges surrounding **JTAG** (Joint Test Action Group) interfaces in automotive-grade microcontrollers (MCUs), specifically focusing on the STMicroelectronics **SPC58** series. Presented by a team of researchers from a security company identifying itself as "Google," the session outlines their journey to reverse engineer, analyze, and ultimately bypass the JTAG password authentication mechanism implemented in these MCUs. The speakers underscore the importance of understanding attack methodologies to build robust defenses, especially in the context of complex automotive systems where vulnerabilities discovered late in the lifecycle can be costly or impossible to fix.