Automotive Penetration Testing with Scapy

This talk will provide a general overview on how Scapy can be used for automotive penetration testing. All present features of Scapy for automotive penetration will be introduced and explained. Also an overview of higher level automotive protocols will be given.

As automotive penetration testing becomes more important, the lack of free tools for automotive network penetration testing led us to integrate new features in Scapy. Scapy is a well established framework for packet manipulation. The flexibility of Scapy allowed us to implement automotive interfaces (CAN) and automotive protocols (ISOTP, GMLAN, UDS, DoIP, OBD-II).

This talk explains the basics of these automotive protocols, the workflow with Scapy for automotive network penetration testing. A live demonstration with some embedded hardware will be given.