awesome-connected-things-sec/docs/automotive-security.md

Car Hacking Resources: From Origins to Today

A historical and up-to-date guide to the world of automotive security and car hacking—covering foundational breakthroughs, major attacks, community growth, tools, and essential resources.

---

Table of Contents

• 1. Early Days: 1990s–2000s
• 2. 2010–2014: Proof-of-Concepts and Recognition
• 3. 2015–2018: Mainstream Awareness and Escalation
• 4. 2019–2021: Community, Tools, and Remote Exploits
• 5. 2022–2025: Modern Era and Emerging Frontiers
• 6. Essential Learning & Research Resources
• 7. Getting Started with Car Hacking (Today)
• 8. Summary Timeline of Milestones
• 9. Curated Modern Automotive Security List (2025)

---

1. Early Days: 1990s–2000s

• First Hacking Points: OBD (On-Board Diagnostics) port introduction enabled access to engine management with custom hardware and proprietary protocols.
• Key Focus: Wired access to in-vehicle networks, mainly CAN (Controller Area Network, CAN Wikipedia, standardized 1991).
• Barriers: Highly proprietary, isolated systems; vehicle-specific strategies required.

---

2. 2010–2014: Proof-of-Concepts and Recognition

• Researchers began hacking ECUs through direct access, quickly moving to remote attacks via Bluetooth, CD, cellular, and more.
• Notable exploits included 2011 Chevy Malibu remote hacks (Wired Article) and proof that almost any connected vehicle could be at risk.
• Open-source tools and low-cost OBD-II USB adapters made experimentation accessible.

---

3. 2015–2018: Mainstream Awareness and Escalation

• Landmark Hacks:
  • 2013: Miller and Valasek controlled Ford Escape and Toyota Prius (acceleration, steering, GPS spoofing).
  • 2015: Jeep Cherokee/UConnect hack allowed full remote takeover—leading to million-vehicle recall.
  • Tesla (2016 hack), BMW (ConnectedDrive hack), and Nissan (Nissan Leaf hack) also targeted through remote and telematics attacks.
• Ecosystem Milestones:
  • Instrument Cluster Simulator (ICSim) released.
  • DEF CON Car Hacking Village—a global hub for car security research.

---

4. 2019–2021: Community, Tools, and Remote Exploits

• Events: Car Hacking Village (DEF CON) and Car Hacking Village @ DefCamp expand globally.
• Open Garages and online forums centralize tutorials, datasets, and collaborative research.
• Tools like can-utils, python-can, and Scapy/CAN widely adopted in both hobbyist and professional domains.
• Complexity increases—modern vehicles become software-centric and remotely exploitable.

---

5. 2022–2025: Modern Era and Emerging Frontiers

• API & Backend Attacks:
  • Mass remote exploitation of telematics APIs by researchers—impacting brands like Acura, Kia (Kia API bug), BMW, Tesla (Tesla charger exploit), Nissan (Nissan Leaf hack), and Škoda (Škoda Mobile App bug).
• Hardware & Software Expansion: Advanced interfaces and attack tools: Nano-CAN, CANtact, CANPico, M2 by Macchina, ELM327.
• Active Communities: DEF CON Car Hacking Village, ASRG, Car Hacking Village (Europe, DefCamp), Open Garages.
• Ongoing Publications: The Car Hacker’s Handbook, academic surveys (ScienceDirect, MDPI Sensors), live vulnerability tracking (VicOne zero-days).

---

6. Essential Learning & Research Resources

Resource/Community	Type	Description/Notes
The Car Hacker’s Handbook (Craig Smith)	Book	Comprehensive guide to car security
Hacking Connected Cars	Book	Techniques and procedures book
ICSim	Toolkit/Software	CAN cluster simulation
can-utils	Toolkit/Software	CAN bus open-source tools
python-can	Toolkit/Software	Python CAN bus library
Scapy/CAN Layer	Toolkit/Software	CAN protocol analysis
DEF CON Car Hacking Village	Community/Event	Global in-person and virtual hands-on events
Car Hacking Village @ DefCamp	Community/Event	European CTF/hack venue
ASRG	Community	Auto Security Research Group: global research
Open Garages	Forum/Repo	Tutorials, datasets, simulation kits
Upstream Security Reports	Research/Survey	Trends, vulnerabilities, industry survey
The Hacker News: API survey	News/Research	Mass API attack reports
arXiv: UWBAD paper	Research	Ultra-Wideband relay attack research
arXiv: SAE J1939 attacks	Research	Heavy-duty transport attacks
ScienceDirect: HD vehicle review	Research	Heavy vehicle vulnerabilities
MDPI Sensors: SDV security	Research/Survey	Survey on frameworks/attacks
VicOne Zero-Day Database	Vulnerability DB	Live CVE, 0-day tracking

---

7. Getting Started with Car Hacking (Today)

• Read: The Car Hacker’s Handbook
• Practice: Use ICSim, ELM327, CANtact on test benches.
• Engage: ASRG, Open Garages, DEF CON Car Hacking Village
• Stay Current: Upstream Reports, arXiv search: automotive security, HackerNews

---

8. Summary Timeline of Milestones

• 1990s–2000s: OBD/CAN bus hacking (CAN bus)
• 2010–2014: Chevy Malibu hack (Wired), CAN-utils, ELM327
• 2015: Jeep UConnect hack, DEF CON Car Hacking Village
• 2016–2018: BMW, Tesla, ICSim
• 2019–2025: API hacks survey, Upstream Report, VicOne 0-days

---

9. Curated Modern Automotive Security List (2025)

Approach & Methodology

• In-Vehicle Network, Hardware Hacking, Firmware, Wireless, Mobile App, Cloud/Telemetry, AI-based Security, Supply Chain, Mobility.

Communities & Events

• ASRG
• Auto-ISAC
• Car Hacking Village – DEF CON
• Pwn2Own Automotive
• Automotive Cybersecurity Detroit 2025
• Auto-ISAC Europe Summit 2025
• escar Europe 2025

Educational Resources

• Car Hacker’s Handbook
• Hacking Connected Cars
• ASRG YouTube
• Car Hacking Village YouTube
• CANisLabs Blog
• CANBusHack Blog

Tools & Platforms

Hardware

• Nano-CAN
• USBtin
• USB2CAN
• CANPico
• OBD-KILL
• ELM327
• CANtact
• Macchina M2

Software

• can-utils
• ICSim
• UDSim
• CANalyse 2.0
• CANToolz
• CANalyzat0r

Libraries

• python-can
• Scap CAN Layer

Lists & Platforms

• Awesome Vehicle Security
• wtsxDev/Vehicle-Security
• Carpunk
• pq-flasher
• FOSSA for Automotive
• GitGuardian for Automotive

Research, Papers & Vulnerabilities

• UWBAD – Ultra-Wideband Keyless Entry Jamming (arXiv)
• SAE J1939 Attacks (arXiv)
• ScienceDirect: Heavy-Duty Vehicle Security Review
• MDPI Sensors: Survey on SDV Security
• VicOne Automotive Zero-Day Vulnerabilities
• The Hacker News – API Vulnerability Survey
• Upstream: 2025 Global Automotive Cybersecurity Report

Regulations & Standards

• UN ECE WP.29 (R155/R156) summary
• ISO/SAE 21434 overview
• Cyber Defense Magazine: Future of Automotive Cybersecurity

New & Emerging Threats

• AI Security & Prompt Injection
• Automotive Software Supply Chain Security
• Connected Mobility & Telematics API Security
• EV Charging Infrastructure Vulnerabilities
• Ransomware & Data Breach Response

Recommendations

• Monitor live vulnerability and supply chain intelligence portals (e.g., VicOne, FOSSA, GitGuardian).
• Engage at DEF CON Car Hacking Village, Auto-ISAC Summits, and Pwn2Own Automotive.
• Follow and contribute to open-source and research repositories.
• Stay updated with Upstream Reports, and adapt to regulatory and threat intelligence changes.

---

This guide covers car hacking’s journey from early OBD/CAN explorations to today’s cloud, API, and AI security challenges—linking you directly to key reference points and resources at each stage.