CANSPY - A Platform for Auditing CAN Devices

Explore the capabilities of CANSPY, a platform designed for auditing CAN devices, in this 42-minute Black Hat conference talk. Delve into the world of automotive security as speakers Jonathan-Christofer Demay and Arnaud Lebrun introduce a tool that allows security auditors to intercept, block, forward, and modify CAN frames in real-time. Learn how CANSPY provides advanced functionalities beyond conventional CAN bus tools, enabling efficient reverse-engineering of upper-layer protocols. Discover the platform's versatility, cost-effectiveness, and ease of construction using inexpensive COTS components. Witness a practical demonstration showcasing CANSPY's unique approach to automotive security auditing by partially emulating ECUs to assess devices connected to the OBD-II port.

Intro
Presentation overview
Auditing conventional IT systems
What about car manufacturer?
CAN architectures
Crafting CAN attacks
CANSPY objectives
CANSPY hardware
Man-in-the-middle interesting point
Demonstration bench