As far as I could tell in testing with a salvage vehicle was that the MCU has no CAN access. Everything you do on the MCU that could affect anything with the drive system or anything important was sent as a request to the gateway, which appears to handle the CAN communication. I have no idea what the criteria the gateway has for honoring these requests, but it would stand to reason that hacking the MCU would at most just get you ethernet comm with the gateway, which can already be done physically if you feel like removing the dash.
Ahh, but the MCU *could* have CAN access if it used the software update mechanism to reach the CAN bus, and I'm offering how you do it if you can compromise the MCU remotely.
Let's assume the following scenario:
The attacker learns that a module (let's just say TPMS) is made by ABC Corp. and does not use validated or signed firmware from ABC Corp. The attacker learns about the microcontroller and its CANbus connection, and disassembles the firmware to learn what it does and the messages it sends. He formulates a new firmware that - instead of accepting firmware image update commands and dropping to the bootloader to update - instead uses information inside a fake image to send arbitrary CANbus messages.
Okay, so now he needs to get this firmware onto the TPMS module.
Let's assume for a moment that Model S does signature validation on the MCU - that's easier for an attacker to work with. The attacker gains superuser access, downloads his special TPMS firmware onto the MCU, and pushes it via the gateway to the firmware updater, just as Tesla would do. It's not subject to Tesla's bundle signature or server source requirement because he already has superuser access and are pushing the individual image via the gateway (bypassing Tesla's unbundling and validation checks). The gateway happily pushes the attacker's new firmware to the TPMS module. As the module's firmware updates are insecure (unsigned / unvalidated from ABC Corp.), it happily installs the new code onto the TPMS module and restarts it. Meanwhile, the attacker installs a trojan that actively makes a connection out to a command & control server.
Now, the attacker wants to send an arbitrary CANbus message. From the command & control server he sends a packet containing whatever magic he needs, along with the arbitrary CANbus command he wants to execute. The trojan on the MCU receives that, then formulates a special firmware image update and sends it to the gateway. To the gateway, it appears that there's another image upgrade to the TPMS module. The TPMS module's special attacking firmware ignores the whole image update process and instead takes the firmware update (a cloaked CANbus message), and dumps it onto the CANbus.
This is the easiest scenario to imagine. It's foiled with a number of different architectural components:
First, if the "gateway" functionality is what does the unbundling and signature validation, having superuser access on the MCU doesn't accomplish anything because you won't be able to send a properly-signed bundle to the "gateway". But it's unclear whether Tesla handles signature validation on the MCU (which would render it vulnerable) or on the gateway.
Second, Tesla could always layer insecure/unsigned module updates in its own signature wrapper that is confirmed by the gateway - like the first case, it would take away the ability for the attacker to sign the firmware update and it would be ignored, not pushed by the gateway.
Third, the gateway could always refuse to update firmware on modules unless the car was in update mode. The gateway would reject any image update messages if the car was deemed to be "active" in any way, and this would eliminate the vector. (That said, it would still be vulnerable to an attack whereby the hacked TPMS code stores the CANbus message to be dumped onto the bus at a later time when the car is active.)
Fourth, Tesla could insist all module suppliers sign and validate firmware updates in their modules as a condition for being a supplier.
Fifth, Tesla could sign and validate CANbus messages so that the TPMS couldn't inject a "hit the brakes hard" message.
- - - Updated - - -
EDIT: The bottom line is that there is a way to connect through the systems to get a message to the CANbus, if one works hard enough.