SUMMARY OF QUALIFICATIONS

• In - depth knowledge of layered vehicle security architecture and limitations
• In-depth knowledge of core vehicle security architecture and security critical ECU interactions
• Experienced in diagnostic protocol security across vehicle and computer networks
• Experienced with embedded processors used in Automotive and IOT Devices

TECHNICAL EXPERTISE

Embedded programming : FTDI, NECV850, TriCore, Android

Network protocols (PC) : TCP/IP, UDP, SMTP, HTTP, USB, RS-232

Interfaces: Wifi, BLE, JTAG, UART, Serial, Android ADB

Firmware Analysis: Binwalk, IDA, GDB, QConn

Programming languages: C/C++, Java, Python, Android

Vector toolset : CANoe, CanDiva, CanDela, CANStress, CANape, CanGen, CANalyzer SocketCAN

PROFESSIONAL EXPERIENCE

Confidential

Lead Embedded Security Engineer

• Challenge suppliers to improve effectiveness in Vehicle Cybersecurity
• Created methodology, mentored and trained internal penetration testing team on various embedded security topics
• Conducted successful penetration testing engagements on multiple ECUs including telematics, Body Controls and Gateways
• Experienced in assessing external interface security, including Wifi, Bluetooth LE, USB
• Experienced in CAN topics - SecurityAccess, Secure Programming, Secure Boot, Gateways
• Experienced in analyzing entry points, developing custom fuzzers and MITM techniques
• Familiar with firmware analysis, using disassemblers and debuggers on various architectures (PowerPC, MPC5xx VLE, MIPS, x86)

Confidential  

Senior Embedded Security Engineer

• Leading change in vehicle network security
• Architected and led implementation of Diagnostic SecurityAccess strategy using session keys, privilege separation and end to end authentication.
• Architected and implemented ISO14229-1 UDS Service 0x84 to provide a standard solution for Diagnostics encryption and authentication - created concept and worked with AUTOSAR WPs to standardize solution.
• Well-versed with the use of security peripherals as well as the AUTOSAR DCM, CSM, CAL and CRY security interfaces.
• In-depth understanding of ECU Diagnostics security strategy from Supplier key provisioning to end of life services including dealership and over the air services.
• In-depth understanding of Diagnostics tools used by Service, Manufacturing, Validation and Engineering - responsible for ensuring secure, continued access is provided to authorized tools.
• Reviewed and mitigated security concerns in ECU Specific Diagnostics for current ECUs.
• Expert in improving security posture in ECUs with limited processing capabilities.
• Interfaced with Service, Manufacturing and Engineering to implement strategy for next generation vehicle architectures.
• Improved the designs of multiple security mechanisms to enhance vehicle security including Intrusion Detection, Gateway and end ECU security.
• Knowledgeable in IT Key provisioning and key management strategies.
• Patent inventor for 3 patents relating to the use of Session Keys and securing the reading of memory addresses to improve automotive security.

Confidential

Software consultant

• Proposed, architected and Implemented XCP interface allowing industry standard tools
• (Vector/NI Veristand) to communicate with Cummins proprietary protocols over J1939
• Implemented ASAM3 TCP interface allowing tool (CUTY) to communicate with the J1939 CAN
• bus over Cummins CPP/CLIP as well as XCP over CAN/ethernet protocols
• Optimized corporate data acquisition tool to fix throughput issues on embedded dataloggers
• Proposed and implemented wireshark dissector for both XCP and the Cummins ASAM3 protocol.
• Created automated regression test suite / process to ensure robustness of corporate tool
• Provided support / consultation on integration with upper level toolsets used in test cells.

Confidential

Lead software engineer

• Responsible for delphi’s active scanning radar for gm Saab & Opel Insignia & Zafira
• Direct interface with customer, systems and project managers spanning multiple countries to
• address customer concerns and ensure timely delivery.
• Manage global software team using software change requirements and configuration
• management tools
• Experienced in developing in a time and safety critical embedded environment.
• Experienced in coding for a multi-core gateway spanning multiple CAN & SPI comm buses.
• Experienced with fixed point math micros like the NEC V850 Fx3 family.
• Proposed/implemented strategies include primary & secondary bootloader strategies, worst case
• jitter analysis, ramshadow checksum, Full/BasicCAN buffer allocation

Confidential

Software Engineer

• Develop in-house capability on vehicle bus monitors and simulators
• Experienced in creating gateways across different vehicle/computer networks.
• Optimized USB driver code and worked with firmware team to increase throughput substantially
• Invented and implemented method of connecting third party vehicle networks software
• to existing Saint2 hardware using DLL.
• Provide assistance to vehicle network problems and perform/develop automated tests
• Extensive knowledge in vehicular networks including CAN, LIN and Flexray.
• Extensive knowledge in vehicular network management over various OSI layers.
• Expert in troubleshooting / isolating issues involving vehicle networks / network management.
• Proficient in vehicle simulation tools such as Vector Canoe, CANDiva, CANape, CANDela etc
• Experienced with various embedded debuggers including JTAG, Tricore Pathfinder, miniCube
• Developed several programs that run extensive automated testing on various embedded ECUs.

Confidential

Software Engineer

• Worked with customer (Delphi) to create user defined scripting features by building a parser and
• interpreter for an automatic code review software based on customer requirements.
• Personally responsible for entire language creation, design, implementation, documentation & testing.
• Exceeded expectations and delivered product in three months.