CANSPY: A Platform for Auditing Can Devices

by Jonathan-Christofer Demay, Arnaud Lebrun
Sept. 15, 2017 1 comment belen_caty Pen Testing & Audits canspy

In this talk, we present CANSPY, a platform giving security auditors such capabilities when auditing CAN devices. Not only can it block, forward or modify CAN frames on the fly, it can do so autonomously with a set of rules or interactively using Ethernet and a packet manipulation framework such as Scapy. It is also worth noting that it was designed to be cheap and easy to build as it is mostly made of inexpensive COTS. Last but not least, we demonstrate its versatility by turning around a security issue usually considered when it comes to cars: instead of auditing an electronic control unit (ECU) through the OBD-II connector, we are going to partially emulate ECUs in order to audit a device that connects to this very connector.

Steven Ulm 6 months ago

CAN devices are widely used in networking (and not only!). Making them more secure would be a great win for the consumer..