A field manual on contextualizing cyber threats, vulnerabilities, and risks to connected cars through penetration testing and risk assessment

Hacking Connected Cars deconstructs the tactics, techniques, and procedures (TTPs) used to hack into connected cars and autonomous vehicles to help you identify and mitigate vulnerabilities affecting cyber-physical vehicles. Written by a veteran of risk management and penetration testing of IoT devices and connected cars, this book provides a detailed account of how to perform penetration testing, threat modeling, and risk assessments of telematics control units and infotainment systems. This book demonstrates how vulnerabilities in wireless networking, Bluetooth, and GSM can be exploited to affect confidentiality, integrity, and availability of connected cars.

Passenger vehicles have experienced a massive increase in connectivity over the past five years, and the trend will only continue to grow with the expansion of The Internet of Things and increasing consumer demand for always-on connectivity. Manufacturers and OEMs need the ability to push updates without requiring service visits, but this leaves the vehicle’s systems open to attack. This book examines the issues in depth, providing cutting-edge preventative tactics that security practitioners, researchers, and vendors can use to keep connected cars safe without sacrificing connectivity.

• Perform penetration testing of infotainment systems and telematics control units through a step-by-step methodical guide
• Analyze risk levels surrounding vulnerabilities and threats that impact confidentiality, integrity, and availability

• Conduct penetration testing using the same tactics, techniques, and procedures used by hackers

From relatively small features such as automatic parallel parking, to completely autonomous self-driving cars―all connected systems are vulnerable to attack. As connectivity becomes a way of life, the need for security expertise for in-vehicle systems is becoming increasingly urgent. Hacking Connected Cars provides practical, comprehensive guidance for keeping these vehicles secure

通过渗透测试和风险评估，对联网汽车的网络威胁、漏洞和风险进行背景分析的实地手册

黑客入侵联网汽车》解构了用于入侵联网汽车和自动驾驶汽车的战术、技术和程序（TTPs），以帮助你识别和减轻影响网络物理车辆的漏洞。本书由一位从事物联网设备和联网汽车风险管理和渗透测试的资深人士撰写，详细介绍了如何对远程信息处理控制单元和信息娱乐系统进行渗透测试、威胁建模和风险评估。本书展示了如何利用无线网络、蓝牙和GSM的漏洞来影响联网汽车的保密性、完整性和可用性。

在过去的五年里，乘用车的连接性经历了大规模的增长，而且随着物联网的扩展和消费者对永远在线的连接性需求的增加，这一趋势只会继续增长。制造商和原始设备制造商需要有能力在不需要服务访问的情况下推送更新，但这使车辆的系统容易受到攻击。本书深入研究了这些问题，提供了尖端的预防策略，安全从业人员、研究人员和供应商可以利用这些策略在不牺牲连接性的情况下保持联网汽车的安全。

通过一步步的方法指导，对信息娱乐系统和远程信息处理控制单元进行渗透测试

分析围绕影响保密性、完整性和可用性的漏洞和威胁的风险等级

使用黑客使用的相同战术、技术和程序进行渗透测试

从相对较小的功能，如自动平行停车，到完全自主的自动驾驶汽车，所有的连接系统都容易受到攻击。随着连通性成为一种生活方式，对车载系统的安全专业知识的需求变得越来越迫切。黑客入侵互联汽车》为保持这些车辆的安全提供了实用、全面的指导