Securing Containers on Embedded Platforms Using eBPF – Reingard Kugler



Embedded systems are transitioning to cloud native applications. Self-driving cars promoted the adoption of Linux and virtualization in vehicles. Red Hat and Canonical entered the automotive stage and worked on Linux for on-board systems.

Linux in the embedded and automotive sectors is not new. Vehicles are complex networks of electrical components exchanging critical information such as vehicle speed and engine status over non-TCP/IP networks (CAN bus). Neither CAN nor mandatory updates by flashing onboard components are standard cases for cloud native environments, which introduces new challenges by extending the attack surface. Do embedded containers provide enough security for safe operation?

This talk presents the internals of embedded containers with examples of automotive applications. The focus lies on virtual networks with the CAN bus and onboard interfaces such as SPI. Emphasis is placed on the attack scenarios and on how eBPF can be employed for observability and defenses.

