Discover how Expleo uses its test lab to answer complex and advanced penetration testing requirements for automotive embedded systems.
Who was the client?
Our client is one of the world’s leading automotive Tier-One
What was the problem?
Our customer couldn’t validate their products without proving they were resilient in terms of cybersecurity against Wi-Fi, Bluetooth, USB, and CAN-bus cyber-attacks.
They were looking for partners familiar with the cybersecurity and automotive regulations requirements, the automotive ecosystem, and the skills required for penetration tests.
What was the Expleo solution?
We have created a dedicated penetration testing lab for automotive and embedded systems.
Thanks to industrialised penetration testing processes, this lab is helping our customers comply with automotive cybersecurity standards and regulations UN R155/R156.7.
Here are some example scenarios:
- Wi-Fi: enumeration and vulnerability analysis of running and exposed services, fuzzing and best practice checks on unknown or custom services secure access and pairing of devices
- Bluetooth: testing of secure access and pairing of devices, vulnerability analysis of running services
- USB: access checks for only supported device types, basic file format fuzzing for data loaded from USB
- CAN: analysis of documented messages, (receiving/sending), fuzz testing to detect, undocumented behavior or crashes
How did the solution help?
It allowed them to have a scalable test factory with test cases already bespoke for automotive.
We guided them through the whole process with penetration testing consulting to ensure accuracy and a match for their expectations.
What were the results of using our penetration testing lab?
We helped them to identify vulnerabilities and threats and reduced the cyber-risk.
Thanks to around 30 test cases, our penetration testing lab was able to validate the relevance of the security control deployed to their embedded system.
At the end, they were compliant with their customers’ requirements, automotive cybersecurity standards and regulations.
Could it work for me?
With the growing number of connected vehicles, cybersecurity has become one of the biggest challenges for automotive and penetration testing has become a must to guarantee passengers’ safety.
Penetration testing is also critical for IoT belonging to other sectors like aerospace.
You can benefit from our penetration testing lab, which proposes a lot of test cases bespoke for your industry with penetration testing / Security Evaluation of:
- Hardware, ECUs, etc.
- PKI, HSM and crypto functionalities
- sensors, radars, IoT, etc.
- Radio, WIFI, Bluetooth etc
- Mobile applications, Android Auto, Cloud etc.
Cybersecurity is one of the key components to achieving a safe Software-Defined vehicle.
Discover how Expleo can tackle your challenges.
Contact us
Expleo can assist you in ensuring your product cybersecurity certification & compliance