Automotive Security Training

Choose a country or area to see content specific to your location

United States

日本
繁體中文
한국
Brasil
Canada
Deutschland
France
India
Malaysia
United Kingdom
United States
United States

您希望搜索哪方面的内容？

MXG Signal Generator UXA Signal Analyzer PXA Signal Analyzer 寻找解决方案需要技术支持参加课程查找活动原厂翻新仪器 KeysightCare 在线购买

No product matches found - System Exception

At a Glance

Overview

Training Outline

Related Trainings

显示更多

Training at a Glance

Format

Classroom training
Interactive exercises and quizzes
Live mentoring

Audience

Anyone working with automotive embedded systems
Decision-makers to engineers with technical and non-technical backgrounds

Duration

4 courses
4 weeks total
4 hours live mentoring

Outcomes

Identify and understand threats
Learn relevant automotive attack and defense mechanisms
Be able to evaluate and secure automotive systems

Ensure Security of Automotive Embedded Systems

Modern cars increasingly depend on complex digital systems to manage various operations, expanding their potential attack surface and making them prime targets for cyber threats. Ensuring the security of these systems is now essential for all automotive teams.

This training addresses the challenges of evolving cybersecurity in the automotive sector by equipping teams with a solid security mindset. It significantly mitigates the risk of cyber-attacks and enhances overall vehicle reliability and security. Participants will gain valuable insights and practical knowledge to improve the security and resilience of automotive embedded technologies.

A proactive approach to cybersecurity protects a company’s reputation and results in substantial cost savings by preventing costly recalls, reducing liability from potential security breaches, and avoiding the financial impact of cyber-attacks. Investing in security training and defense strategies ultimately translates into competitive advantages, such as increased consumer trust and market share, contributing to long-term profitability and sustainability in the industry.

Training Outline

Introduction to security engineering
Technical terms, definitions, and key concepts in automotive security
Threat analysis and risk assessment (TARA) and standards
Overview of industry standards and frameworks
Introduction to the TARA methodology
- Actors in embedded systems: Understanding the various assets, components, and threat modeling in embedded and automotive systems
- Introduction to risk assessment: Basics of assessing security risks in automotive contexts

Introduction to automotive systems

Approach to evaluations: Methodologies for assessing system vulnerabilities
Printed Circuit Boards (PCBs): Understanding PCB and component analysis of ECUs in automotive systems
Virtual machines (VMs)
- Procedure: Setting up VMs for automotive security testing
- Screenshots: Demonstrating VM setup

Digital interfaces and OSI layers

UART interface
- Understanding UART in the OSI model
- Practical tips for locating UART in automotive systems
JTAG interface
- Introduction to JTAG and its role in automotive security
- Methods for identifying JTAG interfaces

Automotive interfaces and protocols

Controller Area Network (CAN)
- Connecting to a CAN bus
- Identifying and analyzing CAN signals (differential signals)
- Using CAN utilities to read and write messages
- Tools: SavvyCAN, Python-can-remote
Automotive ethernet
- Understanding Automotive Ethernet across OSI layers (Physical, Link, Network)
Techniques for identifying automotive ethernet in a system
Getting Hands-on:
- Using open source tools and wireshark to demonstrate attacks on Automotive Ethernet with interactive exercise covering attacks on CAM overflow, VLAN configuration and trunking, and Dynamic Trunking Protocol (DTP) attacks
- Security threat and mitigations
FlexRay
- Introduction to FlexRay protocol
- Exploring FlexRay and its OSI layers (Physical, Link, Network)
- Identifying and connecting to FlexRay using both available and custom tools
- Approaches for sniffing and man-in-the-middle (MiTM) attacks, security threats in FlexRay environments
Power Line Communication (PLC)
- Introduction to PLC communication and protocol
- The role of PLC in automotive sytems, with an OSI layer breaskdown (Physical, Link, Network)
Quiz

Diagnostics in automotive systems

Unified Diagnostic Services (UDS): Theory and practical application in vehicle diagnostics
Diagnostics over IP (DoIP): Understanding DoIP in modern automotive systems

Practical hands-on session

Participants engage in practical exercises using diagnostic tools to analyze and secure automotive systems

Advanced Hands-On Session

Deep dive into UDS:
- Core concepts and structure of UDS in automotive diagnostics.
- Exploration of critical UDS services related to security.
- Key response codes and their significance.
- Overview of tools and scripts used for identifying and fuzzing UDS servers over CAN.
- Building custom scripts to identify UDS servers and fuzz them to detect supported
- services.
- Understanding security access services (e.g., 0x27).
- Assessing potential security threats and mitigation strategies.

Real world Case Studies:

Analysis of real-world automotive security incidents
Lessons learned, and applying theoretical concepts to real-world cases.

Defense Strategy and Attack Rating Techniques:

Practical aspects of defense strategies, along with methodologies and techniques for attack rating.

Modern Attack Techniques:

Brief overview of Fault Injection (FI), Side-Channel Attacks (SCA), and software exploitations.

Security from a Defender’s Perspective:

Comprehensive overview of defense tactic
Security measures from a defensive stance.

Course End Quizzes and Final Assessment

Wrap-Up and Q&A

Summary of key takeaways.

Open floor for questions and discussion.

Interested in this service? Reach out to learn more.