Automotive Penetration Testing
Automotive Penetration Testing is all about testing the technology is vehicles. Technology deployments are likely some of the most complex connected devices at the present time. The attack surface is immense. It covers aspects such as: The Internet, mobile, Bluetooth, custom RF protocols, DAB, media files imported over USB, remote diagnostics, telematics, mobile apps and many many more. The list goes on and every month the list seems to increase.
Benefits of Automotive Penetration Testing
At Hedgehog we believe that every business should benefit from a safe, connection world. With the rise of the connected vehicle, this can pose a challenge. Understanding the threats that might be launched from vehicle interfaces, remote network services, source code, in-vehicle data transmissions, or communications protocols is a specialist job. With extensive motorsport knowledge and experience, and access to testing facilities such as Bruntingthorpe, Donnington and Oulton Park, we are uniquely places to perform automotive penetration testing.
We have the ability, technology and knowledge to perform penetration testing on all layers of the telematics system, infotainment system, and mobile apps over the entire attack surface that they use to communicate, including Bluetooth, WLAN, and cellular phone networks (GSM).
Automotive Penetration Testing Quote
Use our online quote generation service to design and build your perfect automotive penetration test and receive a formal quote within hours, not days.
Automotive Security Challenges
Although automotive device manufacturers are starting to implement security controls, they are still a long way from finding a good level of security. It is you who is ultimately responsible for securing the vehicle. There re eight key areas we focus on:
Manipulating and tempering the CAN bus package and reverse engineering.
TCP/IP AND ETHERNET
Analyzing network connections inside the vehicle.
TCP OVER USB
Detecting remote attacks via network services.
Detecting insecure in-car data transmission channels.
Detecting possible DoS attacks via in-car media systemsManipulating and tempering the CAN bus package and reverse engineering.
Testing Android Auto, Apple CarPlay, MirrorLink, and Bluetooth.
Investigating for cellular networks and potential threats. Manipulating and tempering the CAN bus package and reverse engineering.
HEAD UNIT SECURITY
Ensuring control of critical subsystems such as brakes and steering.
Threats for 2020
What we can test
Automotive Penetration Testing is an ever evolving specialist field. We do not claim to be test everything. We can test the following:
Our Automotive Penetration Testing team is already trusted by a number of large brands, including VAG, Porsche and Bentley. We conduct a significant amount of research especially around the Motorsports sector and take an active part in the British Touring Car Championship (BTCC), Ginetta GT4 Supercup and the British GT series.
If you would like to meet the team in a fun atmosphere, come and see us on one of our motorsport weekends.
Here are some useful resources that might be of help:
Automotive Penetration Testing Fun
Mostly be we can, and we do. Here are some photos of our automotive penetration testing team in action.