Open Source Car Hacking Kit

Former Tesla Intern Releases $60 Full Open Source Car Hacking Kit For The Masses article tells about new tool to get your hands on car electronics. CANard tool will make it cheaper and easier than ever before for tinkerers to get to the innards of their connected cars to determine if there are any useful tweaks they can make, or any worrisome security vulnerabilities that more malicious hackers could exploit. CANard programming is based on Python language. To use CANard, you will need CANtact, a CAN to USB interface for the low, low price of $59.95. <the hardware is open source too, meaning it’s easily replicable.

It should allow security researchers of all ilks to easily probe cars for weaknesses. As vehicles can have upwards of 100 million lines of code running on them, it’s makes it essential as many security researchers as possible can validate these systems. Previously, car hacking was the domain of those who had access to more expensive, bespoke hardware and knew the protocols used by cars.

Or have more limited options what can be made by using cheap ODB adaters like OBD2 Bluetooth adapter I just tested and use ready made apps for it.

 

3 Comments

  1. Tomi Engdahl says:

    Speaking CAN With Open Source Hardware
    http://hackaday.com/2015/03/28/speaking-can-with-open-source-hardware/

    You can buy a dongle with a weird industrial connector that fits under the dash of any car on the road for $15. This is just a simple ODB-II transceiver meant for reading error codes and turning a Crown Vic into a police interceptor. There’s a lot more to the CAN Bus than ODB-II; robots and industrial control units, for instance, and Hackaday alum [Eric] has developed an open source tool for all things CAN.

    The CANtact is a small board outfitted with a USB port on one end, a DE-9 port on the other, and enough electronics to talk to any CAN device. The hardware on the CANtact is an STM32F0 – an ARM Cortex M0 that comes with USB and CAN interfaces. This chip connects to a Microchip CAN transceiver, and that’s pretty much all you need to talk to cars and industrial automation equipment.

    On the software side of things, the CANtact can interface with Wireshark and the CANard Python library. All the files, from hardware to software, are available on the Github.

    A $60 Gadget That Makes Car Hacking Far Easier
    http://www.wired.com/2015/03/60-gadget-thatll-make-car-hacking-easier-ever/

    Reply
  2. Tomi Engdahl says:

    Open source OBD-II Adapter
    http://hackaday.com/2016/03/27/open-source-obd-ii-adapter/

    Automotive diagnostics have come a long way since the “idiot lights” of the 1980s. The current version of the on-board diagnostics (OBD) protocol provides real time data as well as fault diagnostics, thanks to the numerous sensors connected to the data network in the modern vehicle. While the hardware interface is fairly standardized now, manufacturers use one of several different standards to encode the data. [Alex Sidorenko] has built an open source OBD-II Adapter which provides a serial interface using the ELM327 command set and supports all OBD-II standards.

    The hardware is built around the LPC1517 Cortex-M3 microprocessor

    The software is written in C++ for the LPCXpresso IDE – a GNU tool chain for ARM Cortex-M processors, but can also be compiled using a couple of other toolchains.

    Open-source OBD adapter
    http://www.obddiag.net/allpro.html

    Reply
  3. Tomi Engdahl says:

    ICS-CERT Warns of CAN Bus Vulnerability
    http://www.securityweek.com/ics-cert-warns-can-bus-vulnerability

    The United States Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) issued an alert on Friday to warn relevant industries about a vulnerability affecting the Controller Area Network (CAN) bus standard.

    CAN is a high-reliability serial bus communications standard. It’s present in most modern cars – it allows various components of a vehicle to communicate with each other – and it’s also used in the healthcare and other sectors.

    A team of Italian researchers published a paper last year describing various CAN weaknesses and an attack method that can be leveraged for denial-of-service (DoS) attacks. They also published a proof-of-concept (PoC) exploit and a video showing how they managed to exploit the flaw to disable the parking sensors on a 2012 Alfa Romeo Giulietta.

    A Stealth, Selective, Link-layer Denial-of-Service Attack Against Automotive Networks
    https://www.politesi.polimi.it/bitstream/10589/126393/1/tesi_palanca.pdf

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

*

*