If you don't know neither the enemy
nor yourself, you will sucumb in every battle.
If you know yourself but not the enemy, for every victory gained you will also suffer a defeat.
But if you know the enemy and know yourself you need not fear the result of a hundred battles.
The art of war (Sun Tzu)
Broad View to Automotive Security and Penetration Testing
Over the last few years, the media were full of various “car hacking” related news. Keyless entry systems can be bypassed, components can be rooted, firmware can be manipulated, hidden features can be activated, car functionalities can be triggered or manipulated remotely, owners can be tracked, just to name some trivial examples. While the public has increasing attention on automotive security, this has been already in focus of key industry players for several years.
Nowadays, vehicles are very complex systems, moreover they are part of an even more complex ecosystem. Therefore, answering questions like what car hacking really means, why it is important, how it is regulated, what the way of targeting a complete vehicle or an individual ECU (electronic control unit) is, what kind of technologies need to be addressed and what really should be tested in case of a car hacking project is not straightforward.
It is no longer a “capture and replay on CAN bus” or “control the vehicle through OBD-II port” game.
The views, opinions and thoughts in this homepage are the views, opinions and thoughts of the writer of this homepage and do not represent the views, opinions or thoughts of any past or current employer of the writer or any other third person. The content is provided 'as is' without warranty of any kind. Use at your own responsibility. Laszlo may be contacted on email@example.com.