Car Hacker's Handbook

A Guide for the Penetration Tester

by Craig Smith

March 2016, 304 pp.

ISBN-13:

978-1-59327-703-1

“The world needs more hackers, and the world definitely needs more car hackers. We’re all safer when the systems we depend upon are inspectable, auditable, and documented—and this definitely includes cars.”
—Chris Evans, from the Foreword

“By turns funny, scary, and intriguing, The Car Hacker's Handbook is a practical guide for tinkerers and a fantastic overview for people who want to know what's going on when they strap themselves into a multi-ton, high-speed computer.”
—Cory Doctorow, Boing Boing

“The Car Hacker’s Handbook describes, in meticulous detail, how your car’s components talk both to one another and to diagnosticians—outlining all the ways good and bad guys can modify or attack the systems.”
—The Wall Street Journal

Modern cars are more computerized than ever. Infotainment and navigation systems, Wi-Fi, automatic software updates, and other innovations aim to make driving more convenient. But vehicle technologies haven’t kept pace with today’s more hostile security environment, leaving millions vulnerable to attack.

The Car Hacker’s Handbook will give you a deeper understanding of the computer systems and embedded software in modern vehicles. It begins by examining vulnerabilities and providing detailed explanations of communications over the CAN bus and between devices and systems.

Then, once you have an understanding of a vehicle’s communication network, you’ll learn how to intercept data and perform specific hacks to track vehicles, unlock doors, glitch engines, flood communication, and more. With a focus on low-cost, open source hacking tools such as Metasploit, Wireshark, Kayak, can-utils, and ChipWhisperer, The Car Hacker’s Handbook will show you how to:

Build an accurate threat model for your vehicle
Reverse engineer the CAN bus to fake engine signals
Exploit vulnerabilities in diagnostic and data-logging systems
Hack the ECU and other firmware and embedded systems
Feed exploits through infotainment and vehicle-to-vehicle communication systems
Override factory settings with performance-tuning techniques
Build physical and virtual test benches to try out exploits safely

If you’re curious about automotive security and have the urge to hack a two-ton computer, make The Car Hacker’s Handbook your first stop.

Author Bio

Craig Smith runs Theia Labs, a research firm that focuses on security auditing and building hardware and software prototypes. He has worked for several auto manufacturers and provided them with his public research. He is also a founder of the Hive13 hackerspace and OpenGarages.org. Craig is a frequent speaker on car hacking and has run workshops at RSA, DEF CON, and other major security conferences.

Table of contents

Introduction

Chapter 1: Understanding Threat Models
Chapter 2: Bus Protocols
Chapter 3: Vehicle Communication with SocketCAN
Chapter 4: Diagnostics and Logging
Chapter 5: Reverse Engineering the CAN Bus
Chapter 6: ECU Hacking
Chapter 7: Building and Using ECU Test Benches
Chapter 8: Attacking ECUs and Other Embedded Systems
Chapter 9: In-Vehicle Infotainment Systems
Chapter 10: Vehicle-to-Vehicle Communication
Chapter 11: Weaponizing CAN Findings
Chapter 12: Attacking Wireless Systems with SDR
Chapter 13: Performance Tuning

Appendix A: Tools of the Trade
Appendix B: Diagnostic Code Modes and PIDs
Appendix C: Creating Your Own Open Garage

View the detailed Table of Contents (PDF)
View the Index (PDF)

Reviews

Craig Smith did a Reddit AMA and answered questions about car hacking, IoT security, and safe vehicle demos. Watch Craig's O'Reilly webcast where he taught viewers about reversing the CAN bus on Linux.

The Car Hacker's Handbook is featured on Fox News and National Cyber Security.

“The Car Hacker's Handbook a guide on how to reverse engineer, exploit, and modify any kind of embedded system; cars are just the example. Craig presents this in a way that is eminently comprehensible and spends enough time reinforcing the idea of hacking a car safely, legally, and ethically. It’s a great read, an excellent introduction to fiddling with embedded bits, and truly owning the devices you’ve already purchased.”
—Hackaday

“Smith has done a marvelous job of providing a practical introduction to the world of vehicle systems and the tools used to interact with them for both benign and malicious purposes. Definitely a recommended read.”
—IEEE Cipher

“No matter where you stand on the vehicle cybersecurity issue—and perhaps like me you need to learn more about this subject—The Car Hacker's Handbook is an excellent guide and reference.”
—SAE International

An article by Craig Smith on hacking your own car and the right to tinker is featured on Dark Reading.

“No Starch Press has taken on the task of turning The Car Hacker's Handbook into a beautifully produced, professional book, in a new edition that builds on the original, vastly expanding the material while simultaneously improving the organization and updating it to encompass the otherwise-bewildering array of new developments in car automation and hacking.”
—Cory Doctorow, Boing Boing

“The Car Hacker’s Handbook is a comprehensive guide to reverse-engineering and understanding the digital control systems in a modern vehicle. This book is a wake-up call to automakers, legislators, and regulators, announcing the fact that technology enthusiasts can and will continue to fiddle with their cars. The bar for automotive software quality just got raised.”
—Jeff Zurschmeide, Digital Trends

“At nearly 300 pages, The Car Hacker’s Handbook covers a lot of potential security risks, and as autonomous systems become more ubiquitous and sophisticated, there could be even more risks.”
—TechCrunch

“The Car Hacker's Handbook is well worth reading. The practical information on automotive networks and protocols is invaluable. All things considered, that is what one wants from a hacker's handbook.”
—Nathan Willis, LWN.net

“Craig Smith has written a fascinating book about how connected cars work, and how they can be hacked. For those that want to understand what goes on under the hood of the car from a software perspective, The Car Hacker's Handbook is a most worthwhile read.”
—Ben Rothke, RSA Conference

“If you have your own car and are interested in understanding the ins and outs of its networking and security, this is the reference book to use.”
—Jay Schulman, InfoSecurity Magazine

“If you are interested in what goes on behind the scenes when you drive your car, and how exploitable it is, this is a book worth reading.”
—The IT Nerd

Craig Smith, “one of the pre-eminent automotive security experts on the planet, author of The Car Hacker’s Handbook and the founder of the Open Garages vehicle research lab,” was interviewed by Forbes about his book and research.

“With people like author Craig Smith and books such as The Car Hacker's Handbook, open information and standards and shared knowledge are the ways to secure our safety on the road.”
—Network Security Newsletter

“The Car Hacker’s Handbook by Craig Smith not only details the multiplicity of hacks that have already been perpetrated on unsuspecting automobile ECUs but promises to be a 'Guide for the Penetration Tester' interested in 'attacking ECUs' and 'passive CAN bus fingerprinting.'”
—David Booth, Driving

Craig Smith spoke to The Globe and Mail about the reality of car hacking and threats consumers face.

“The Car Hacker's Handbook is not just a technical guide for car enthusiasts and those with an interest in cybersecurity. If you work on, or modify cars, this book could be your Bible.”
—Rick Limpert on WGST's The Sully Show

“The Car Hacker's Handbook by Craig Smith is an excellent resource that deserves a place next to your Chilton repair manuals. Rather than an afterthought, security is front and center with The Car Hacker's Handbook. Anyone interested in electronically breaking into cars, or ideally thwarting such intrusions, should consider cracking into Smith's book first.”
—GearBrain

“Protect yourself and your car with The Car Hacker's Handbook. This book can be a great reference tool or even a spring or summer read. Smith doesn't set out to be an alarmist, but this book really makes you think.”
—Examiner.com

“The Car Hacker’s Handbook has pages of programming and technical information for tinkerers (i.e., hackers). But it also provides a public service as the first work of its kind to analyze computer-based systems that make them vulnerable to attack and exploitation. If your company has a fleet, you might want to check it out.”
—Strategic Finance

“If you are a serious car nut who regularly tinkers around, love problem-solving codes, or are concerned about security, pick up this guide and give the tricks inside a try. It could have a significant impact on your security.”
—The News Wheel

“The Car Hacker's Handbook invites digging deep within and getting your hands “dirty” digitally. Chock full of information and diagrams. For those with a yen for hacking a two-ton computer, drive on over to a bookstore and wrap your hands around this.”
—LA Home & Technology Examiner

“A great resource if you’re trying to hone your automotive skills or if you have an interest in the networks and security of cars.”
— Makezine.com

“Even if you aren't interested in becoming a car penetration tester, but you do want to know more about the collection of computers you routinely drive, you would do well to buy and read this book.”
—;login: the Magazine of USENIX

“The Car Hacker's Handbook is, on the one hand, an important work that can be highly useful to those who want to find the ways and mean to protect vehicles from cyber-attack, and, on the other, scary as hell for the rest of us.”
—Automotive Design & Production

“Smith is set on providing knowledge that will help users improve their car’s security and performance. The ultimate goal is to shed light on the inner workings of modern cars, discover potential security weaknesses and urge automakers to fix them, discover intentional choices that shouldn’t have been made (e.g. Volkswagen emissions scandal), and to know what you are driving.”
—Help Net Security

According to Craig Smith, “Really any vehicle on the market right now is susceptible”. Read more in his interview with I3 Magazine.

“A car hacker's bible. Smith cites the importance of having individuals as well as auto makers continually check and test their vehicles. He also cites the importance of public awareness that can pressure both manufacturers and safety agencies into developing safeguards and standards designed to keep ahead of the threat. And these really are only the early steps in a very long haul issue.”
—The Auto Channel

“A detailed overview of the computer systems and embedded software ubiquitous in today’s new cars. The author describes the numerous entry points where a hack can occur. Starting with CAN, the infotainment system, the engine control unit (ECU), and more.”
—CAN Newsletter

“As cars become more connected and contain more software than ever, their vulnerabilities are being publicly exposed, often to the great embarrassment of automakers. Craig Smith’s excellent, detailed book lifts the lid on all the major threat vectors in the vehicle, with great technical depth. For anyone interested in security and the modern vehicle, or whose job depends on these areas, there is simply no better book out there!”
—Andrew Brown, Strategy Analytics, Executive Director of Enterprise and IoT Research

“The Car Hacker's Handbook is useful, insightful, and brimming with pragmatic advice. Highly recommended to those in the automotive and security industries.”
—Prof. Christof Ebert, Vector Consulting Services

One of Opensource.com's "Hot open source books" of 2016!

“Easily the best book I have ever found for learning about how to use a CAN bus. I would recommend this book for engineers working with embedded systems, even if they do not work with cars. I give this book 5 out of 5.”
—Robots for Roboticists

“A useful resource for cybersecurity experts.”
—Mercury Blog

Updates

View the latest errata.