Connect with Us

Telematics Security Testing

Cars are becoming extremely complex products. In the 1950s all it took was a mechanical engineer to build one, today most vehicle controls are electronic. Even low-end cars have embedded more than 30-50 so-called Electronic Control Units (ECUs) that talk over Controller Area Networks (CANs). The number of ECUs is growing: not only because of safety and emissions reduction but, lately, because of the emerging demand for a "connected vehicle.”

Today, a car can have as much as 100 million lines of code, more lines of code than a F-22 fighter jet. Over the past decade, the automobile’s role to consumers has been transforming from what was once perceived as a personal transportation vehicle to what is now quickly becoming a new mobile device facilitated by telematics systems.

Conference: Hacking the Connected Car

Alissa Knight presenting at the Secure Car Conference 2016 in Munich, Germany


Consumers today are now twice as likely to purchase a car based on its technology than what was once for performance. According to a recent survey by Accenture Research, 39% of consumers surveyed said their primary consideration in choosing a new car is in-car technology compared to 14% who sighted performance as their primary motivator. With no surprise, this consumer demand has also spilled over into emerging markets, including China, Brazil, Indonesia, and Malaysia.

This connectivity is enabled through telematics systems. At its core, telematics deals with the services enabling vehicles to communicate over a telecommunications device, whether that be automatic crash notification to emergency services, roadside assistance, vehicle tracking, remote door services, navigation assistance, traffic assistance, concierge services, infotainment services, fleet management, and diagnostics.


Brier & Thorn performs security testing of all layers of the Telematics System over the entire attack surface that the TCUs use to communicate, including Bluetooth, WLAN, and cellular phone networks. All layers of a telematics system are tested, including the:

  1. Telematics Control Unit or TCU, which is an embedded in-vehicle device control unit that communicates with the automobile electronic control units ECUs and GPS satellite, accessing the telematics services over the wireless infrastructure.
  2. Telematics Network Operations Systems or TNOS, which is the hub where all telematics services are delivered and all raw data from the TCUs is processed.
  3. Wireless Communications Infrastructure or WCI, which provides the backbone for all the information exchange between the TNOS and TCUs and between the TCUs in the form of AD-HOC networks
  4. Vehicle Interface Block or VIB, which is responsible for communication with the rest of the vehicle ECUs and GPS receiver, including all network types and protocols used in the in-vehicle network, such as LIN, MOST, CAN, and Flexray.

The security of the communication sessions of data in transit between the Service/Content Providers, Call Centers, and the TNOS are also tested as well as use of any encryption, including certificate exchange protocols.

Client Results

We share our clients’ ambitions working to understand their reality and deliver true results – focusing on strategic decisions and practical actions. We align our incentives with our clients’ objectives so they know we’re in this together as a closely-held partnership.

Global manufacturer of connected products and solutions for automakers, consumers, and enterprises worldwide relies on Brier & Thorn for TCU security testing

The automotive division of a global manufacturing company in Stuttgart, Germany retained Brier & Thorn for security testing services of its telematics control unit (TCU) prior to the implementation inside fleet of connected cars.

European automaker selects Brier & Thorn for security testing of its fleet of connected cars

A large european automaker has retained Brier & Thorn to perform penetration testing of its fleet of connected cars.