Thursday, April 17, 2025
HomeSecurity HackerPASTA - A New Car Hacking Tool Developed by Toyota to Test...

PASTA – A New Car Hacking Tool Developed by Toyota to Test The Security Vulnerabilities

Published on

SIEM as a Service

Follow Us on Google News

Toyota builds a new car hacking tool called PASTA (Portable Automotive Security Testbed) an open source tool for researchers to test the security vulnerabilities in modern cars.

A Team of security researchers from Toyota carried a tool box to present their research in BLACKHAT EUROPE 2018, London and they demonstrate the PASTA testing platform in front of blackhat audience.

Cyber criminals often compromising the cars since everything connected to the Internet, a poor security configuration or poor programming of the devices open the possibility of an attack that alters the functions of the vehicle, remotely gaining control of it.

- Advertisement - Google News

Also still its challenging in case of automated driving, securing vehicles that running under sophisticated driving-assist technologies against cyber attacks.

Toyota’s building this tool to perform security testing automobile manufacturers to perform testing and exposing holes in the automated and networked features in their vehicles.

                                                                                  Structure of PASTA

PASTA car hacking tool is contained in an 8 kg portable briefcase and they integrated with a driving simulator program

Toyota security researchers propose this tools by Considering some important requirement including, security electronic control unit (ECU)  by places tough restrictions in order to test vulnerabilities and exploits.

An electronic control unit (ECU) is at the center of the development of cybersecurity technology, and each supplier develops its own automotive information security technology for ECUs in its own environment.

In this case, anyone will be able to apply technology and evaluate that technology with ECU when creating a platform with transparent ECUs with high adaptability.

Toyota researcher said during the demonstration, “Simulating an actual vehicle through hardware is also required for assessing threats of cyberattacks. We need not only to provide an adaptable platform for developing measures for existing cybersecurity but also simulate any function in actual vehicles using white-box ECUs.”

It simulates the remote operation of wheels, brakes, windows, and other car features rather than “the real thing,” for safety reasons. “It’s small and portable so users can study, research, and hack with it anywhere.”

Driving simulator connected to PASTA

Researchers believe that Car Hacking Tool PASTA has the possibility to contribute to a comprehensive development platform against vehicle cyberattacks.

Also, Toyota plans to share the specifications on Github, as well as initially Toyota sell the fully built system in Japan.

Please find the complete white paper and Presentation for Car Hacking Tool project.

• Download Presentation Slides
• Download White Paper

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Managing Burnout in the SOC – What CISOs Can Do

The Security Operations Center (SOC) is the nerve center of modern cybersecurity, responsible for...

The Future of Cybersecurity Talent – Trends and Opportunities

The cybersecurity landscape is transforming rapidly, driven by evolving threats, technological advancements, and a...

Mobile Security – Emerging Risks in the BYOD Era

The rise of Bring Your Own Device (BYOD) policies has revolutionized workplace flexibility, enabling...

Model Context Protocol Flaw Allows Attackers to Compromise Victim Systems

A critical vulnerability in the widely adopted Model Context Protocol (MCP), an open standard...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Model Context Protocol Flaw Allows Attackers to Compromise Victim Systems

A critical vulnerability in the widely adopted Model Context Protocol (MCP), an open standard...

Critical Erlang/OTP SSH Vulnerability Allow Hackers Execute Arbitrary Code Remotely

A major security flaw has been uncovered in the widely used Erlang/OTP SSH implementation,...

CISA Warns of Potential Credential Exploits Linked to Oracle Cloud Hack

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a public warning following reports...