Expleo develops hacking briefcase for automotive cybersecurity


Expleo, a global engineering, technology, and consulting service provider, has developed a complete cyber-resilience testing platform for the automotive sector, enabling engineers to conduct detailed cybersecurity tests on vehicles anywhere at any time, tackling the increasing risks posed by cyber hackers.

Named the ExpleoSmeeta Briefcase, the platform combines a cybersecurity testing framework (ExpleoSmeeta) with a comprehensive suite of hardware components to conduct security assessments, cyber forensics, and penetration tests in the automotive sector.

A modern car runs on 100 million lines of code and typically can include multiple wireless connections such as Wi-Fi, GPS, Bluetooth and cellular (4G/5G). As vehicles become more connected and more reliant on software, the cyber risk grows exponentially and could pose a threat to vehicle safety.

As part of an innovation project, Expleo created the physical cyber resilience testing platform-in-a-box, which combines the ExpleoSmeeta Operating System (OS), based on a Linux open-source distribution, and a hardware toolkit with Expleo proprietary scripts and tools.

This allows Expleo engineers to conduct in-depth cybersecurity tests on vehicles anywhere at any time, supporting OEMs and tier 1s to check and verify their own solutions, integrate cybersecurity by design into product development, and anticipate future risks.

According to Expleo, areas which are at risk of cyber hacks include radio frequencies, wireless connections, vehicle sensors, and the CAN Bus. Radio frequencies, such as RFID which is used to access and start vehicles via electronic key fobs or GPS, can be spoofed to hide stolen vehicles. Meanwhile, wireless connections including cellular (4G/5G), Wi-Fi, Bluetooth and telematics are a prime target for malicious firmware updates that can compromise driver data.

Vehicle sensors such as those used for assisted parking or to support autonomous driver systems can be spoofed or jammed to put driver safety at risk. And the CAN Bus, the message-based protocol that allows the various electronic components of a vehicle to communicate, such as door locks, speedometer and even brakes, can be compromised posing a significant risk to driver safety.

Helmi Rais, group cybersecurity practice leader, said, “Cars are becoming more sophisticated thanks to digital technologies, enabling electrification, autonomous driving systems, advanced in-vehicle infotainment, connected vehicles and shared mobility. But with the new opportunities offered by digital come new risks in the form of heightened cyber risk.

“The automotive industry must be able to respond to an ever-changing set of threats. That’s why we developed ExpleoSmeeta to help combine the knowledge of the cyber community with Expleo’s automotive and digital expertise so that OEM and tier 1 automakers can test, secure, and protect their products, making them more resilient, sustainable, and most importantly, safer for consumers.”

Share this story:

About Author