Hrishikesh Somchatwar
Hrishikesh Somchatwar (@StorytelnHacker) is an independent security researcher, bestselling author, and international speaker known for his deep expertise in hardware and automotive cybersecurity. With a passion for uncovering vulnerabilities in embedded systems, he has presented his research at top security conferences worldwide, including SCSA Georgia, Defcamp Romania, SecurityFest Sweden, DeepSec Austria, Bsides Delhi & Ahmedabad, Hackfest Canada, and c0c0n Kochi.
Beyond cybersecurity, Hrishikesh runs The StorytellingHacker Podcasts, where he shares insights on hacking, security, and storytelling. His thought leadership extends to his engaging Twitter presence, where he discusses cutting-edge security topics.
In his free time, he explores Vedic Astrology (Jyotisa), blending ancient wisdom with modern problem-solving. Whether on stage, in a podcast, or through his writing, Hrishikesh brings a unique perspective—merging technical depth with the art of storytelling.
Session
Modern vehicles are no longer just mechanical machines—they are complex distributed systems with hundreds of electronic control units, multiple networks, and cloud-connected devices. In this talk, I will share the daily challenges of working as an automotive cybersecurity researcher and how real-world constraints shape security research in the automotive industry.
I will begin with a brief introduction to my role as a security researcher. My work involves analyzing vehicle hardware, telematics systems, IoT modules, and embedded firmware to identify vulnerabilities before attackers do. Unlike traditional IT security, automotive security requires deep knowledge of hardware, embedded systems, radio protocols, and real-time system constraints.
A key part of this talk will focus on automotive communication networks and interfaces. I will explain how in-vehicle networks operate, why security is challenging to implement, and how attackers can exploit weaknesses through message manipulation, spoofing, and denial-of-service techniques. I will also cover interfaces such as UART, JTAG, Bluetooth, cellular modules, and diagnostic ports, highlighting how each interface expands the attack surface.