Post mortem teardown of Tesla CAN traffic from DEFCON28 Virtual Car Hacking Village.

https://www.carhackingvillage.com/

The ctf/lab setup was CHVpi running on RaspberryPi. Socketcan devices were setup and they were connected to a Tesla Model3.

This particular machine did have access to git & outside world.

1. Create git repo somewhere.
2. Copy the chvpi ssh-key to your account. Disclaimer: This is a huge security issue as it gives the owner of the CHVpi access to your Git repo. Solution: Use a throw away GitHubAccount.
3. Run 00_log.sh. Every 10000 CAN messages it will bzip2 the log, add it to git and push.

1. ./01_unpack.sh unpacks all *.log.bz2 files into final_log.
2. [opt] ./02_uniqueids.sh will dump all of the unique CAN ID's found in final_log. It was a quick script during CTF time to peek at the messaging.
3. 01_PostMortem_Local.ipynb - Local analysis of the log files directly parsing the final_log output.

Based on dask-docker

cd dask-docker/
docker-compose up

1. Copy and paste the http://127.0.0.1:8888/ URL into your browser.
2. Control-click on the URL depending on your terminal emulator.

This was our first CTF event and weren't sure what to expect or do. We ignored the set CTF goals and instead opted for bulk data collection with the intention of leaving the Prüfstand and going back to the desk for the actual work. This way the next time we're in the test cell,

This development style worked for our team while assisting Caterpillar M46 development and Caterpillar 795F AC dSpace HIL testing.

Industry experience in developing for heavy equipment, automotive, and aerospace.

Usual tools & chain: Simulink Embedded Coder, diab, Vector CANape, Vector CANalyzer. MDF

CSS Electronics is a developer of professional-grade, simple-to-use and low cost CAN bus data loggers. We're based in Denmark and operate globally:

• We supply 1,000+ companies across 80+ countries
• Applications include telematics, development & diagnostics
• Industries include automotive, heavy duty, motorsports, & production
• Users include OEM engineers, operators, site managers & researchers
• Assembly is done by ISO 9001:2015 certified US partners - scaling to any volume
• We offset 100% of our CO2 footprint

CANedge2: 2x CAN Bus Data Logger (SD + WiFi)

The plug & play 2xCAN/LIN logger records timestamped CAN data (Classical/CAN FD) to the extractable 8 GB industrial SD card.

The small device connects via WiFi access points (e.g. WLAN or 3G/4G routers) to securely push data to your server. Further, the device can be updated over-the-air.

The CANedge2 is ideal for telematics & fleet management - as well as R&D field tests, diagnostics and predictive maintenance.

Software/APIs are free & open source - with no subscription fees or vendor lock-in.

Secure CAN Bus Logging & Telematics - A Simple Intro

9 security factors to review in your CAN logging setup

1. Is the manufacturing process secure?
2. Does the logger enable code protection?
3. Is the firmware digitally signed and updatable OTA?
4. Can passwords be encrypted & rotated as per NIST guidelines?
5. Can SD data be encrypted as per NIST guidelines?
6. Is data uploaded securely as per NIST guidelines?
7. Can server access be monitored and controlled?
8. Are security critical data unique for each device/purpose?
9. Can TLS certificates be updated over-the-air?

Louter Control. Control Systems / Netherlands - *Remote reverse engineering of machinery Louter Control. Control Systems / Netherlands.

Albach Maschinenbau. Self Propelled Mobile Tree Fellers / ~100 FTEs / Germany - Optimizing systems in mobile foresters