© Copyright 2010-2019 Brier & Thorn, Inc.

Connected Car Division

TODAY, A CAR CAN HAVE AS MANY AS 100 MILLION LINES OF CODE, MORE LINES OF CODE THAN AN F-22 JET FIGHTER. A MODERN-DAY CAR CAN NOW HAVE AS MANY AS 30-50 ELECTRONIC CONTROL UNITS (ECUS) THAT COMMUNICATE OVER THE CAN BUS OF THE IN-VEHICLE NETWORK.

WHY WE DO IT

Consumers today are twice as likely to purchase a car for its technology as for its performance. According to a recent survey by Accenture Research, 39% of consumers surveyed said their primary consideration in choosing a new car is in-car technology, compared to 14% who cited performance as their primary motivator. Unsurprisingly, this consumer demand has also spilled over into emerging markets, including China, Brazil, Indonesia, and Malaysia.

This connectivity is enabled through telematics systems. At its core, telematics deals with the services that enable vehicles to communicate over a telecommunications device, whether that be automatic crash notification to emergency services, roadside assistance, vehicle tracking, remote door services, navigation assistance, traffic assistance, concierge services, infotainment services, fleet management, or diagnostics.

Alissa Knight, the CCD Practice Manager, published the first book on hacking connected cars in 2019; it provides a field manual for performing penetration testing and risk assessments using the EVITA standard. She has spoken at over a dozen connected car security conferences on hacking connected cars in the US, Europe, and Asia since 2014.

WHAT WE DO

We perform penetration testing of all layers of the telematics system, infotainment system, and mobile apps over the entire attack surface that they use to communicate, including Bluetooth, WLAN, and cellular phone networks (GSM).

All layers of the system and mobile app are tested, including:

  1. Telematics Control Unit or TCU, which is an embedded in-vehicle device control unit that communicates with the automobile's electronic control units (ECUs) and GPS satellite, accessing the telematics services over the wireless infrastructure.

  2. Telematics Network Operating System or TNOS, which is the hub where all telematics services are delivered and all raw data from the TCUs is processed.

  3. Wireless Communications Infrastructure or WCI, which provides the backbone for all the information exchange between the TNOS and TCUs, and between the TCUs themselves in the form of ad hoc networks.

  4. Vehicle Interface Block or VIB, which is responsible for communication with the rest of the vehicle ECUs and GPS receiver, including all network types and protocols used in the in-vehicle network, such as LIN, MOST, CAN, and FlexRay.

  5. Bluetooth, WiFi, and USB interfaces of the head unit (HU)

  6. WiFi communication between the HU and TCU

  7. Static and dynamic code analysis of the connected car's mobile app

  8. Over-the-air (OTA) updates between the vehicle and OEM backend

The security of communication sessions carrying data in transit between the Service/Content Providers, Call Centers, and the TNOS is also tested, as is the use of any encryption, including certificate exchange protocols.

OUR CAPABILITIES

  1. Head Unit (HU)/Infotainment System penetration testing

  2. Telematics Control Unit (TCU) penetration testing

  3. Backend/Over-the-air (OTA) testing

  4. Bluetooth penetration testing

  5. Wireless (WiFi) penetration testing

  6. CAN interface penetration testing

  7. Risk Assessments (EVITA, etc.)

  8. OBD port penetration testing

  9. Mobile app penetration testing (iOS and Android)