Scorpiones understands the need to predict and prevent scenarios of cyber threats that might be launched against vehicle interfaces, risking the lives of the drivers and pedestrians, as well as damage property.
Automotive Penetration Testing is one of the highest growing services in the cybersecurity field, No car manufacturer wants to face a cyber-attack directed at their vehicles.
We perform penetration testing of all layers of the telematics system as we are testing over the entire attack surface that the systems in the car use to communicate, including Bluetooth, WLAN, and cellular phone networks.
In order to achieve a high level of security, you must first use a secured platform and secured base.
You ensure to have a process of threat management, that includes the system development, supported protocols and apps, settings, maintenance, and updates.
In conclusion, you should perform Automotive Penetration Testing to ensure your products are safe and protected from any cyber threats.
CAN bus
Manipulating and tempering the CAN bus package and reverse engineering
TCP/IP and Ethernet
Analyzing network connections inside the vehicle
TCP over USB
Detecting remote attacks via network services
In-car data
Detecting insecure in-car data transmission channels
Infotainment systems
Detecting possible DoS attacks via in-car media systems
Third-party services
Testing Android Auto, Apple CarPlay, MirrorLink, and Bluetooth
2G/3G/4G
Investigating for cellular networks and potential threats
Head unit security
Ensuring control of critical subsystems such as brakes and steering
All layers of the system and mobile app are tested, including the:
Wireless Communications Infrastructure or WCI
Vehicle Interface Block or VIB, including all network types and protocols used in the in-vehicle network, such as LIN, MOST, CAN, and Flexray.
Bluetooth, WiFi, and USB interfaces of the HU
WiFi communication between the HU and TCU
Static and dynamic code analysis of the connected car's mobile app
Over-the-air (OTA) updates between the vehicle and OEM backend
