TU-Automotive Europe is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 3099067.


Pen Test Partners


Pen Test Partners at TU-Automotive Europe 2019

Tesla Takedown: How diagnostic innovation can leave vehicles open to attack

Tesla is renowned for breaking new ground but recent investigations reveal that its alternative to the conventional OBD can be used to hack the car. Owners typically plug an ELM327 module in to the Tesla diagnostics connector to get read-outs to their phone. Left connected this can provide easy access to all five CAN buses. In this session we explore:

  • Execution of the attack via Bluetooth
  • How different data types could be identified and abused ie the battery contactor
  • How the module could be used to ‘fuzz’ the CAN (by replicating and changing existing messages)
  • The consequences of this interference: killing the Tesla
  • Takeaways for the automobile industry re the do’s and don’ts of allowing third party software to interface with key systems

Nigel Hearne, Security Researcher and Senior Consultant, Pen Test Partners