Scorpiones Group
Loading

Automotive Penetration Testing

Automotives are likely the most complex connected devices we see. The attack surface is immense – The Internet, mobile, Bluetooth, custom RF protocols, DAB,
media files imported over USB, remote diagnostics, telematics, mobile apps… the list goes on.

Scorpiones understands the vital need to predict and disclose scenarios of cyber threats that might be launched from vehicle interfaces, remote network services, source code, in-vehicle data transmissions, or communications protocols.

We perform penetration testing of all layers of the telematics system, infotainment system, and mobile apps over the entire attack surface that they use to communicate,
including Bluetooth, WLAN, and cellular phone networks (GSM).

CAN bus

CAN bus

Manipulating and tempering the CAN bus package and reverse engineering

TCP/IP and Ethernet

TCP/IP and Ethernet

Analyzing network connections inside the vehicle

TCP over USB

TCP over USB

Detecting remote attacks via network services

In-car data

In-car data

Detecting insecure in-car data transmission channels

Infotainment systems

Infotainment systems

Detecting possible DoS attacks via in-car media systems

Third-party services

Third-party services

Testing Android Auto, Apple CarPlay, MirrorLink, and Bluetooth

2G/3G/4G

2G/3G/4G

Investigating for cellular networks and potential threats

Head unit security

Head unit security

Ensuring control of critical subsystems such as brakes and steering



All layers of the system and mobile app are tested, including the:
  • Wireless Communications Infrastructure or WCI
  • Vehicle Interface Block or VIB, including all network types and protocols used in the in-vehicle network, such as LIN, MOST, CAN, and Flexray.
  • Bluetooth, WiFi, and USB interfaces of the HU
  • WiFi communication between the HU and TCU
  • Static and dynamic code analysis of the connected car's mobile app
  • Over-the-air (OTA) updates between the vehicle and OEM backend


Contact Us

SEND A MESSAGE