Toyota Builds Open-Source Car-Hacking Tool

‘PASTA’ testing platform specs will be shared via open-source.

BLACK HAT EUROPE 2018 – London – A Toyota security researcher on his flight from Japan here to London carried on-board a portable steel attaché case that houses the carmakers new vehicle cybersecurity testing tool.
Takuya Yoshida, a member of Toyotas InfoTechnology Center, along with his Toyota colleague Tsuyoshi Toyama, are part of the team that developed the new tool, called PASTA (Portable Automotive Security Testbed), an open-source testing platform for researchers and budding car hacking experts. The researchers here today demonstrated the tool, and said Toyota plans to share the specifications on Github, as well as sell the fully built system in Japan initially.
What makes the tool so intriguing – besides its 8 kg portable briefcase size – is that automobile manufacturers long had either ignored or dismissed cybersecurity research exposing holes in the automated and networked features in their vehicles. Toyotas building this tool and sharing its specifications via open source is a major shift for an automaker.
There was a delay in the development of cybersecurity in the automobile industry; [its] late, Toyama - the research lead in the PASTA project - said in the pairs
talk here
today. Now automakers including Toyota are preparing for next-generation attacks, he said, but there remains a lack of security engineers that understand auto technology.
That was a driver for the tool: to help researchers explore how the cars engine control units (ECUs) operate, as well as the CAN protocol used for communicating among elements of the vehicle, and to test out vulnerabilities and exploits.
Toyama said the tool isnt meant for the live, moving-car hacking that Charlie Miller and Chris Valasek
performed
: the goal was to offer a safe platform for researchers who may not have the expertise of Miller and Valasek, for example. It simulates remote operation of wheels, brakes, windows, and other car features rather than the real thing, for safety reasons. Its small and portable so users can study, research, and hack with it anywhere.
The PASTA platform holds four ECUs inside, as well as LED panels that are controllable by the researcher to run any tests of the car system operation, or attacks such as injecting CAN messages. It includes ODBII and RS232C ports, as well as a port for debugging or binary hacking, he said.
You can modify the programming of ECUs in C as well, he said.
The researchers integrated the tool with a driving simulator program, as well as with a model car to demonstrate some ways it can be used. PASTA also can be used for R&D purposes with real vehicles: that would allow a carmaker to test how a third party feature would affect the vehicle and its security, or reprogram firmware, for example.
Toyota plans to later add to PASTA Ethernet, LIN, and CAN FD, as well as Wi-Fi, Bluetooth, and cellular communications features for testing.
PASTA soon will be
available on Github
, the researchers said.
Related Content:
Miller & Valasek: Security Stakes Higher for Autonomous Vehicles

This Time, Miller & Valasek Hack The Jeep At Speed

State Trooper Vehicles Hacked
7 Real-Life Dangers That Threaten Cybersecurity

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Toyota Builds Open-Source Car-Hacking Tool