Automotive Cybersecurity Part - 2: Pre-Engagement: A Detailed Guide
๐ Automotive Cybersecurity Pre-Engagement
In automotive penetration testing, skipping the preparation phase is one of the costliest mistakes you can make. Pre-Engagement planning ensures that everything from scope to deliverables is clearly defined. This post dissects the crucial steps before a penetration test of telematics control units (TCUs) and infotainment systems (HUs).
๐ Why Pre Engagement Matters
Jumping straight into hacking without a proper plan is like sailing without a compass. This phase helps prevent
- Scope creep
- Missed deadlines
- Incomplete testing
- Unhappy stakeholders
๐ ๏ธ The Penetration Testing Execution Standard (PTES)
PTES offers a comprehensive 7 phase model for conducting penetration tests
- Pre-Engagement Interactions
- Intelligence Gathering
- Threat Modeling
- Vulnerability Analysis
- Exploitation
- Post Exploitation
- Reporting
Weโll focus on Phase 1: Pre-Engagement Interactions.
๐ง Scope Definition
Properly defining the scope ensures the penetration test focuses on the right targets and avoids unintended business impacts.
Key elements
- Target Architecture: Know the OS, kernel version, CPU architecture.
- Full Disclosure Agreement: Determine access to source code and documentation.
- Release Cycle Awareness: Test only stable builds and document version-specific issues.
- Wireless and IP Details: Clarify all active wireless networks and static IPs.
- Source Code Availability: Preferably request access; otherwise, use disassemblers like IDA Pro or gdb.
๐งพ Rules of Engagement (ROE)
ROE defines how the test will be executed
- Which interfaces are in scope: Ethernet, Bluetooth, WiFi, CAN Bus?
- Will physical ports be accessible?
- Are post exploitation tactics (e.g., persistence, C2) acceptable?
๐งญ Timeline, Stakeholders & Work Breakdown Structure
Clearly define
- Start and End Dates
- Hardware IDs: Document IMSI, MAC, IMEI, etc.
- Stakeholder Matrix: Include names, contact info, and roles.
- Work Breakdown Structure
๐งพ Documentation Collection
Expect significant documentation
- Custom protocol specs
- CAN bus matrices
- Previous test reports
- Firmware details
Ask early. Organize well.
โ Project Management Framework (PMBOK Alignment)
Map project phases with PTES for efficient execution
| PMBOK Phase | PTES Equivalent |
|---|---|
| Conception/Initiation | Project Charter, Stakeholders |
| Planning | Scope, WBS, Risk Management |
| Execution | Vulnerability Analysis, Exploitation |
| Monitoring | Status Tracking, KPIs |
| Closing | Reporting, Deliverables |
๐ฆ Deliverables
- Project Charter
- Scope Statement
- WBS and Gantt Chart
- Threat Models
- Final Penetration Test Report
- Presentation for Stakeholders
๐ง Final Notes
Professionalism in Pre-Engagement builds trust with stakeholders and ensures the test meets security, business, and regulatory expectations. Every step matters.