PASTA – A New Car Hacking Tool Developed by Toyota to Test The Security Vulnerabilities

Toyota builds a new car hacking tool called PASTA (Portable Automotive Security Testbed) an open source tool for researchers to test the security vulnerabilities in modern cars.

A Team of security researchers from Toyota carried a tool box to present their research in BLACKHAT EUROPE 2018, London and they demonstrate the PASTA testing platform in front of blackhat audience.

Cyber criminals often compromising the cars since everything connected to the Internet, a poor security configuration or poor programming of the devices open the possibility of an attack that alters the functions of the vehicle, remotely gaining control of it.

Also still its challenging in case of automated driving, securing vehicles that running under sophisticated driving-assist technologies against cyber attacks.

Toyota’s building this tool to perform security testing automobile manufacturers to perform testing and exposing holes in the automated and networked features in their vehicles.

Structure of PASTA

PASTA car hacking tool is contained in an 8 kg portable briefcase and they integrated with a driving simulator program

Toyota security researchers propose this tools by Considering some important requirement including, security electronic control unit (ECU)  by places tough restrictions in order to test vulnerabilities and exploits.

An electronic control unit (ECU) is at the center of the development of cybersecurity technology, and each supplier develops its own automotive information security technology for ECUs in its own environment.

In this case, anyone will be able to apply technology and evaluate that technology with ECU when creating a platform with transparent ECUs with high adaptability.

Toyota researcher said during the demonstration, “Simulating an actual vehicle through hardware is also required for assessing threats of cyberattacks. We need not only to provide an adaptable platform for developing measures for existing cybersecurity but also simulate any function in actual vehicles using white-box ECUs.”

It simulates the remote operation of wheels, brakes, windows, and other car features rather than “the real thing,” for safety reasons. “It’s small and portable so users can study, research, and hack with it anywhere.”

Driving simulator connected to PASTA

Researchers believe that Car Hacking Tool PASTA has the possibility to contribute to a comprehensive development platform against vehicle cyberattacks.

Also, Toyota plans to share the specifications on Github, as well as initially Toyota sell the fully built system in Japan.

Please find the complete white paper and Presentation for Car Hacking Tool project.

• Download Presentation Slides
• Download White Paper

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Balaji

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

Ivanti Fully Patched Connect Secure RCE Vulnerability That Actively Exploited in the Wild

Ivanti has issued an urgent security advisory for CVE-2025-22457, a critical vulnerability impacting Ivanti Connect…

1 day ago

Beware! Weaponized Job Recruitment Emails Spreading BeaverTail and Tropidoor Malware

A concerning malware campaign was disclosed by the AhnLab Security Intelligence Center (ASEC), revealing how…

1 day ago

EncryptHub Ransomware Uncovered Through ChatGPT Use and OPSEC Failures

EncryptHub, a rapidly evolving cybercriminal entity, has come under intense scrutiny following revelations of operational…

1 day ago

PoisonSeed Targets CRM and Bulk Email Providers in New Supply Chain Phishing Attack

A sophisticated phishing campaign, dubbed "PoisonSeed," has been identified targeting customer relationship management (CRM) and…

1 day ago

Beware! Fake Unpaid Tolls Messages Used in Phishing Attack to Steal Login Credentials

A surge in phishing text messages claiming unpaid tolls has been linked to a massive…

1 day ago

State Bar of Texas Confirms Data Breach, Begins Notifying Affected Consumers

The State Bar of Texas has confirmed a data breach following the detection of unauthorized…

1 day ago