Automotive Cyber Security

Home Automotive Cyber Security
Automotive Cyber Security

Automotive Cyber Security

Rs.30,000.00

18% GST Extra

Please login to purchase the course.

SKU: cid_195165 Category:
Overview

Systems that are connected to other systems are vulnerable to cyberattacks. This is just as applicable to automotive electronics as it is to IT systems connected to digital services. This is where our training courses come in. We offer you a fundamental introduction to cyber-security and information security, from analyzing threats and risks to defensive strategies. Each training session concentrates on different methods, standards, and guidelines, providing you with a comprehensive overview of the topics covered by automotive security.

Training Overview of Topics

From introductions for people new to the topic to briefing sessions for decision-makers, our automotive cybersecurity courses go over and beyond technical questions to look at all relevant topics. One big message that we convey is that comprehensive protection is a challenge to entire companies. This is because operational and organizational structures can be an open invitation to intruders to invade your electronic systems. As well as looking at established standards and guidelines, we also consider the future of the ISO/SAE 21434 standard and show how to methodically and systematically shield your automotive electronic systems from cyberattacks.

All courses are also available as in-house staff training courses, which we can tailor to your requirements and hold at your place of work.

Course Features
  • 24X7 Access: You can view lectures at your own convenience.
  • Online lectures: Online lectures with high-quality videos.
  • Hands-on practice: Includes source code files for hands-on practice.
Test & Evaluation

1. During the program, the participants will have to take all the assignments given to them for better learning.

2. At the end of the program, a final assessment will be conducted.

Certification

1. All successful participants will be provided with a certificate of completion.

2. Students who do not complete the course / leave it midway will not be awarded any certificate.

Automotive Security Training - Day-Wise Topics & Subtopics

Day 1 - Introduction to Car Security - Part 1

Topics:

  1. Modern Vehicle as "Data Center on Wheels"
    • Software complexity evolution (100M lines of code, 300M by 2030)
    • Comparison with other systems (Aircraft: 15M, PC: 40M)
    • NASA error standard: 0.1 errors per 1000 lines
  2. Vehicle Architecture Overview
    • ECU (Electronic Control Unit) ecosystem (~150 ECUs per vehicle)
    • CAN bus as central communication backbone
    • OBD port mandate (US regulation since 1996)
  3. Historical Automotive Hacks
    • 2002: VW/Audi/Porsche powertrain hacking
    • 2010: GM OnStar hack (University of Washington)
    • 2013-2015: Miller & Valasek Chrysler Jeep hack (1.4M recall)
    • Tesla hacks and rapid OTA response
    • BMW ConnectedDrive vulnerabilities
  4. Industry Impact
    • Brand reputation damage (80% buyers avoid hacked manufacturers)
    • Recall costs and profitability
    • $60 billion automotive cybersecurity market

 

Day 2 - Introduction to Car Security - Part 2

Topics:

  1. Defense in Depth Across Security Domains
    • Security throughout product lifecycle (design → manufacturing → operation → disposal)
    • End-to-end security requirements
    • OEM and supplier security responsibilities
  2. Cyber Threat Sources Evolution
    • Hacktivists (declining - attention to cause)
    • Insiders (most dangerous - know weaknesses)
    • Hackers vs. Crackers distinction
    • Industrial spies (nation-state supported)
    • Organized crime groups (car theft)
    • Disgruntled employees
    • State-sponsored attacks
  3. Modern Car Electronics Architecture
    • ~150 ECUs per vehicle
    • Components: Airbag ECU, OBD2, USB, Bluetooth, DSRC, TPMS, ADS
    • Keyless entry, Tire pressure monitoring
    • Infotainment, Telematics, Engine/Transmission ECUs
  4. Connected & Autonomous Vehicles
    • V2V (Vehicle-to-Vehicle) collision avoidance
    • V2I (Vehicle-to-Infrastructure) traffic signals
    • V2P (Vehicle-to-Pedestrian) alerts
    • V2N (Vehicle-to-Network) real-time updates
    • CV2X stack from Qualcomm (4G/5G connectivity)
    • Projections: 100% connected by 2030, 40-50% autonomous
  5. Attack Surfaces & Threat Vectors
    • Infotainment system (Qt browser vulnerabilities)
    • Mobile device connections
    • USB/data storage malware
    • OTA update compromise
    • Cloud server impersonation (man-in-the-middle)
    • GPS spoofing, Radar interference
    • Sign board manipulation (Tesla example)
  6. Security Requirements (CIA+)
    • Confidentiality - data disclosed only to authorized
    • Integrity - accuracy, no unauthorized modification
    • Availability - resources available despite incidents
    • Authenticity - parties are who they claim
    • Authorization - rights to perform actions
    • Access Control - restrict to authenticated users
    • Non-repudiation - undeniable proof of actions
  7. Authentication vs Authorization vs Encryption
    • Authentication: Who you are (password/token/biometric)
    • Authorization: What you can do (access rights)
    • Encryption: Protection mechanism (keys)
    • Multi-factor authentication (something you know/have/are)
  8. Defense in Depth (Onion Model)
    • Physical security (outermost)
    • Firewall
    • Intrusion Detection System (IDS)
    • Authentication
    • Authorization
    • Vital assets (center)
  9. Cryptographic Key Lengths
    • 80-bit: Expired after 2010
    • 128-bit: Minimum current standard (expires ~2031)
    • 256-bit: Recommended for long-term (car lifespan)
    • AES-128, SHA-256, RSA-3072 equivalents
    • Quantum computing threat discussion
  10. Security Operations & Threat Intelligence
    • Security Operations Centers (SOC)
    • Real-time vehicle monitoring
    • OEM remediation workflows
    • Bug bounty programs
    • Threat engine ratings
    • Zero-day vulnerability handling
  11. Enterprise Security Priorities
    • Firewall deployment
    • Intrusion detection systems
    • Device control solutions (USB restrictions)
    • Identity management (SSO)
    • Access control & auto log-off
    • Audit capabilities
    • Wireless security best practices

 

 

Day 3 - Embedded Security & Cryptography Basics

Topics:

  1. IT Security vs. Automotive Security
    • Resource constraints (8-bit/16-bit microcontrollers)
    • Real-time requirements
    • Physical accessibility challenges
    • Long vehicle lifespan (10-15 years)
  2. Security Objectives (6 Pillars)
    • Confidentiality, Integrity, Authentication
    • Identification, Non-repudiation, Access Control
  3. Symmetric Key Cryptography
    • DES (Data Encryption Standard) - historical
    • AES (Advanced Encryption Standard)
    • Block ciphers vs. Stream ciphers
  4. Asymmetric Key Cryptography Introduction
    • Public/Private key concepts
    • RSA algorithm basics
    • Key exchange problem
  5. CAN Bus Security Challenges
    • Broadcast nature (no addressing)
    • No built-in authentication
    • No encryption
    • Introduction to SecOC and E2E protocols

Day 4 - CAN Bus Attack Scenarios (Hoppe Research) - Part 1

Topics:

  1. CERT Taxonomy for Incident Classification
    • Attacker identification (who)
    • Tool categorization (how)
    • Vulnerability classification (what)
  2. Attack Scenario S1: Electric Window Lift
    • Replay attack demonstration
    • CAN message capture and replay
    • DoS through continuous message injection
  3. Attack Scenario S2: Warning Lights Manipulation
    • Instrument cluster spoofing
    • False warning generation
    • Driver distraction risks
  4. Attack Scenario S3: Airbag Control System
    • Safety system availability attack
    • Masking airbag removal
    • Severe safety implications
  5. Attack Scenario S4: Gateway ECU Exploitation
    • Central gateway vulnerabilities
    • Cross-network attacks
    • Full vehicle compromise potential

Day 5  - CAN Bus Attack Scenarios - Part 2 & Countermeasures

Topics:

  1. Security Aspects Analysis
    • Confidentiality violations
    • Integrity violations
    • Availability violations
    • Authenticity violations
    • Non-repudiation issues
  2. Short-term Countermeasures
    • Pattern 1: Message frequency monitoring
    • Pattern 2: Message ID verification
    • Pattern 3: Low-level communication characteristics analysis
  3. Intrusion Detection Systems (IDS)
    • Pattern detection approaches
    • Automated vs. manual response
    • False positive handling
  4. Long-term Solutions
    • Complete protocol redesign needs
    • MAC implementation for CAN
    • CRC limitations vs. cryptographic checksums
  5. Safety vs. Security Interplay
    • Functional safety implications
    • ISO 26262 (safety) vs. ISO 21434 (security)

Day 6 - Computer Security Fundamentals - Part 1 (CSS)

Topics:

  1. Security Philosophy
    • Ken Thompson's Trojan compiler story
    • Policy vs. Mechanism
    • Threat modeling principles
    • "Trusting Trust" problem
  2. Famous Security Incidents
    • Sarah Palin email hack (security questions weakness)
    • Matt Honan account compromise (chain attacks)
    • Stuxnet case study (nation-state attack)
  3. Buffer Overflow Attacks
    • Stack layout in Linux (x86)
    • Return address manipulation
    • Shell code injection
    • Stack smashing techniques
  4. Integer Overflow Attacks
    • Arithmetic overflow exploitation
    • Signed/unsigned confusion
    • Size calculation vulnerabilities
  5. Format String Vulnerabilities
    • Printf exploitation (%n, %x)
    • Memory disclosure attacks
    • Arbitrary write primitives

Day 7 - Computer Security Fundamentals - Part 2 (CSS)

Topics:

  1. Heap Exploitation
    • Heap memory management
    • Heap spraying techniques
    • JavaScript heap attacks
    • V-table corruption
  2. Access Control Models
    • DAC (Discretionary Access Control)
    • MAC (Mandatory Access Control)
    • RBAC (Role-Based Access Control)
    • Comparison and use cases
  3. Virtualization for Security
    • Virtual machines as isolation
    • Hypervisors introduction
    • Container concepts
    • QNX as automotive hypervisor
  4. Browser Security
    • Same-origin policy
    • XSS vulnerabilities
    • Safari, Firefox, IE attack history
    • NoScript and other defenses

Day 8 - Kali Linux for Penetration Testing - Part 1

Topics:

  1. Linux File System Structure
    • /bin (binaries), /sbin (system binaries)
    • /etc (configuration), /dev (devices)
    • /var (variable data), /home, /root
    • /proc (processes), /mnt (mount points)
  2. Essential Terminal Commands
    • Navigation: cd, pwd, ls
    • File operations: cat, cp, mv, rm
    • Text processing: grep, sort, uniq
    • Piping and redirection (|, >, >>)
  3. User and Permission Management
    • Root vs. regular users (# vs $)
    • sudo mechanism
    • chmod, chown commands
    • File permission bits (rwx)
  4. Terminal Multiplexers
    • tmux usage
    • Multiple window management
    • Session persistence

Day 9 - Kali Linux for Penetration Testing - Part 2

Topics:

  1. File Manipulation
    • mv (move/rename), rm (delete)
    • mkdir, rmdir
    • Recursive operations (-r flag)
    • locate, find, which commands
  2. File Compression
    • tar (archive creation)
    • gzip, bzip2 compression
    • tar.gz / tgz format
    • zip/unzip operations
  3. Text File Management
    • head, tail commands
    • more, less for browsing
    • sort and uniq
    • Word lists (rockyou.txt)
  4. Remote Connections
    • SSH basics and configuration
    • SSH key-based authentication
    • RDP for Windows connections
    • Port configuration
  5. Service Management
    • systemctl commands
    • Starting/stopping services
    • Enabling services at boot
    • Apache web server setup

Day 10 - Kali Linux for Penetration Testing - Part 3

Topics:

  1. Advanced Text Processing
    • grep with regex patterns
    • awk for field extraction
    • sed for stream editing
    • cut command for delimiters
  2. Package Management
    • apt update vs. upgrade
    • apt install/remove
    • dpkg for .deb files
    • Repository configuration (/etc/apt/sources.list)
  3. Process Management
    • ps, top, htop
    • Process IDs (PID)
    • Killing processes
    • Background/foreground jobs
  4. System Information
    • uname -a
    • /proc/cpuinfo, /proc/meminfo
    • fdisk, lsblk
    • lsusb, mount

Day 11 - Kali Linux - Practical Lab & QNX/Android Hacking

Topics:

  1. Hands-on Lab Session
    • Setting up Kali Linux environment
    • Virtual machine configuration
    • Online alternatives (onworks.net)
    • Command practice session
  2. QNX Operating System (Video Analysis)
    • QNX as automotive hypervisor
    • RTOS (Real-Time Operating System)
    • BSP (Board Support Package)
    • Update mechanisms and security
  3. Android Infotainment Hacking
    • Android vs. QNX architecture
    • SE Linux security
    • ADB (Android Debug Bridge)
    • Developer mode exploitation
  4. Privilege Escalation Concepts
    • Shell user vs. root
    • ADB root to shell demotion
    • Interrupting privilege lowering
    • File system write access

Day 12 - Guest Lecture: Cryptography Deep Dive - Part 1

Topics:

  1. Inrtoduction to Cryptography
    • Symmetric key cryptography (DES, AES)
    • Asymmetric key cryptography (RSA, ECC)
  2. Recommended Key Lengths
    • Short-term security (64-bit symmetric)
    • Medium-term security (128-bit symmetric, ~10 years)
    • Long-term security (256-bit, quantum-resistant)
    • Asymmetric key equivalents
  3. Hash Functions
    • Purpose and properties
    • One-way function concept
    • Collision resistance
    • MD family (MD5 - deprecated)
    • SHA family (SHA-1, SHA-256, SHA-512)
    • Merkle-Damgård construction
  4. Message Authentication Codes (MAC)
    • Purpose: Integrity + Authentication
    • HMAC (Hash-based MAC)
    • CMAC (Block cipher-based MAC)
    • MAC vs. Digital Signatures
  5. Non-repudiation Concepts
    • Why MAC cannot provide non-repudiation
    • Need for digital signatures
    • Private key for signing

 

Day 13 - QNX/Android Hacking & Vehicle Security Architecture

Topics:

  1. QNX Hacking (Video: Nico Rivera - DEF CON 27)
    • QNX as automotive hypervisor (made by Blackberry)
    • RTOS (Real-Time Operating System) - Neutrino version
    • BSP (Board Support Package) update process
    • QNX binaries: USB launcher, MCD, MMdetect, QDB
    • Qt5 framework for infotainment UI
    • DoS attack vectors on QNX systems
  2. QNX Enumeration & Attack Vectors
    • WiFi port scanning
    • Bluetooth (BTLE jack for DoS)
    • GSM/Hotspot man-in-the-middle
    • Telnet open ports (root shell access)
    • Custom applications password storage
    • File header testing script (MP3, GIF, etc.)
  3. Android Infotainment Hacking
    • Android vs QNX architecture differences
    • Bionic (replaced glibc)
    • SE Linux for privilege separation
    • DAC vs MAC policy enforcement
    • Single-user design implications
  4. ADB (Android Debug Bridge) Exploitation
    • Developer mode activation in cars
    • ADB shell access
    • Android users: root, system, app, user, shell
    • Android groups: inet6, inet_admin, sdcard_rw
    • ADB starts as root, then lowers privileges
    • Interrupting privilege demotion for root access
  5. Android Privilege Escalation
    • data/local.prop - RO.secure setting
    • RO.kernel.qemu flag
    • Unlocked bootloader attacks
    • SuperSU binary compilation
    • Persistent ADB root privileges
  6. Hardware Hacking Techniques
    • UART (Universal Asynchronous Receiver-Transmitter)
    • TX, RX, Ground pad identification
    • Baud rate configuration
    • Soldering techniques for access
    • UART typically drops to root shell directly
  7. Flash Chip Reflashing (Russian Forum Technique)
    • EEPROM chip removal
    • $40 Amazon device for dumping
    • Firmware extraction and modification
    • Binwalk for file system extraction
    • Rewriting modified firmware
  8. Linux File Permissions & Security
    • chmod 777 vs 775 dangers
    • Global write permission vulnerabilities
    • Shell script permission misconfiguration
    • .bashrc exploitation
    • Heartbleed vulnerability case study
  9. Vehicle Physical Security
    • Tamper Evidence (passive detection)
    • Tamper Resistance (prevention)
    • Tamper Response (active countermeasures)
    • Physical security measures: seals, epoxy, ceramics, welding
    • Side-channel protection (EM shielding)
    • Self-destruct mechanisms
  10. Security Modules
    • Software modules (lowest security, needs TPM)
    • Security controllers (HSM chips, 8-bit/32-bit)
    • TPM (Trusted Platform Module) - standardized
    • FPGA (Field Programmable Gate Array)
    • ASIC (Application-Specific IC) - highest security
    • Security Box (custom, military-grade)
  11. Vehicle Security Architecture Types
    • Central: Single ECU handles all security (low cost, single point of failure)
    • Distributed: Every ECU has security (high cost, hard to attack)
    • Semi-Central: Combination approach (practical, flexible)
    • High Performance Computing platforms (Nvidia Tegra)
    • Current APTIV approach: Semi-central with HPC units

 

 

 

 

Day 14 - Vehicular Security Mechanisms - Part 1

Topics:

  1. Software Security Assurance
    • Design and implementation verification
    • Internal peer reviews
    • External third-party audits
    • Static code analysis (Flaw Finder, Splint, RATS)
    • Dynamic code analysis (Valgrind, Purify)
  2. Secure Software Initialization
    • Checksum mechanisms (limited security)
    • Hash functions for integrity
    • MAC for authenticity
    • Digital signatures for non-repudiation
    • Physical protection approaches
  3. Secure Boot Process
    • Root of Trust concept
    • Chain of Trust
    • TPM-based verification
    • Configuration attestation
  4. Software Security Architectures
    • Virtualized security architecture
    • Monolithic security architecture
    • Security kernel concepts
    • Resource isolation
  5. Hardware Isolation
    • ARM TrustZone
    • Intel Trusted Execution Technology (TXT)
    • Secure world vs. Non-secure world
    • Secure Monitor Calls (SMC)

Day 15 - Vehicular Security Mechanisms - Part 2

Topics:

  1. Secure OTA Updates - Digital Signature Approach
    • Software signing at OEM trust center
    • Signature appending and distribution
    • Flash tool authentication
    • ECU verification process
  2. Secure OTA Updates - TPM-Based Approach
    • Vehicle configuration binding
    • Asymmetric key generation
    • Certificate validation
    • Trusted channel establishment
    • Content decryption
  3. Component Identification
    • Cryptographic component authentication
    • Physically Unclonable Functions (PUF)
    • Unique device identification
  4. Secure Storage
    • Key protection mechanisms
    • Encrypted storage
    • Access control for sensitive data
  5. Fuzz Testing Introduction
    • Purpose and methodology
    • Penetration testing lab setup
    • First-level assessment benefits
  6. Incident Response Planning
    • Vulnerability assessment
    • Response templates
    • ISO 21434 requirements

Day 16 - Web Technologies & Side Channel Attacks

Topics:

  1. HTML/CSS Fundamentals
    • Web technologies in infotainment
    • Browser-based interfaces
    • HTML structure basics
    • CSS styling basics
  2. Web Security in Vehicles
    • XSS (Cross-Site Scripting) risks
    • Input validation importance
    • Infotainment browser vulnerabilities
  3. Side Channel Attack Introduction
    • Power analysis concepts
    • Timing attacks
    • Physical attack vectors
  4. Video Analysis: Power Analysis Attack
    • AES key extraction demonstration
    • Power consumption monitoring
    • Statistical analysis techniques

Day 17 - HTML Entities & Side Channel Deep Dive

Topics:

  1. HTML Entities and Encoding
    • Special character handling
    • Security implications
    • Injection prevention
  2. Side Channel Attack Deep Dive
    • Simple Power Analysis (SPA)
    • Differential Power Analysis (DPA)
    • Electromagnetic analysis
    • Countermeasures
  3. Video Analysis: DPA Attack on AES
    • Equipment setup
    • Trace collection
    • Key byte recovery
    • Full key reconstruction
  4. Defenses Against Side Channels
    • Masking techniques
    • Shuffling operations
    • Constant-time implementations
    • Hardware countermeasures

Day 18 - Automotive Ethernet Security - Part 1

Topics:

  1. Network Security Fundamentals
    • Increased digitization threats
    • CIA in automotive context
    • Defense in depth for vehicles
  2. Attack Categories
    • Reading communication (confidentiality)
    • Replaying/changing messages (integrity)
    • Removing communication (availability)
    • DoS attacks
    • Vulnerability exploitation
  3. Layer 1 (Physical) Attacks
    • Wire manipulation
    • Splicing attacks
    • Limited attack surface
  4. Layer 2 (Data Link) Attacks
    • MAC address manipulation/spoofing
    • VLAN hopping
    • ARP spoofing
    • MAC address table overflow
  5. Layer 3 (Network) Attacks
    • IP address spoofing
    • IP fragmentation attacks
    • Routing manipulation
  6. Layer 4 (Transport) Attacks
    • TCP SYN flooding
    • Blind injection
    • Session hijacking
    • Three-way handshake exploitation
  7. Layer 5-7 (Application) Attacks
    • Buffer overflow
    • Access control bypass
    • Application-specific vulnerabilities

Day 19 - Time Sensitive Networking (TSN) & Course Wrap-up

Topics:

  1. 802.1AS Time Synchronization (gPTP)
    • Generalized Precision Time Protocol
    • Grandmaster selection using BMC (Best Master Clock) algorithm
    • Clock spanning tree discovery
    • Port roles: Slave, master, disabled, passive
    • P-delay measurement for propagation delay
    • Sync message + Follow-up message (two-step process)
    • Automotive: Pre-configured grandmaster (not dynamic BMC)
    • Store P-delay values for faster boot (<2 seconds)
    • 2020 spec: Hot standby grandmaster, multiple time domains
  2. Stream Reservation Protocol (802.1Qat/SRP)
    • Talkers announce streams, listeners reserve bandwidth
    • 75% max bandwidth reservation (25% reserved for safety-critical)
    • Class A: 125 microsecond interval, priority 3
    • Class B: 250 microsecond interval, priority 2
    • Class C: 1 millisecond interval (added later)
    • MSRP (Multiple Stream Reservation Protocol)
    • Ether type: 0x22EA for reservation
    • Automotive: Static pre-configuration preferred over dynamic
  3. QAV - Credit-Based Shaper (802.1Qav)
    • Traffic shaping for AV streams
    • Credit accumulation at idle rate when port busy
    • Transmission allowed when credit ≥ 0
    • Credit decreases at send rate during transmission
    • Safety-critical data: Separate links recommended
    • Automotive concern: CBS may delay critical control messages
  4. TAS - Time-Aware Shaping (802.1Qbv)
    • Scheduled transmission based on 802.1AS timing
    • Time gates added to each queue at port
    • Gate control list determines gate operation
    • Guard band = largest interfering packet size
    • Latency target: 100 microseconds over 5 hops (vs 2ms for AVB Gen1)
    • Requires careful planning of packet sizes per queue
    • Cumbersome for automotive: static scheduling overhead
  5. Frame Preemption (802.3br/802.1Qbu)
    • Interrupt low-priority packet transmission for express traffic
    • Express traffic vs preemptable traffic classification
    • Both sides must agree via LLDP
    • Preemption status table per port
    • Minimum fragment size: 64 bytes
    • MAC merge sublayer with CRC
    • Reduces guard band requirements
  6. Cyclic Queuing and Forwarding (802.1Qch)
    • Deterministic (fixed) latency guarantee
    • Buffers store incoming data, forward only in cycles
    • Latency = cycle time × number of hops
    • NOT smallest latency, but guaranteed fixed latency
    • Significantly reduces buffer overflow and packet loss
    • Requires 802.1Qbv gates and 802.1Qcr redirection
  7. Asynchronous Traffic Shaping (802.1Qcr)
    • Low latency without requiring time synchronization
    • Better bandwidth efficiency than synchronous mechanisms
    • Works even if time sync fails
    • UBS (Urgency-Based Scheduler) prioritizes urgent traffic
    • Token bucket for traffic burst smoothing
    • Latest QoS-related TSN specification (as of 2020)
  8. AVB Gen 1 vs Gen 2 (TSN) Comparison
    • Gen 1: 802.1AS (2011), Qat, Qav, IEEE 1722 (2011)
    • Gen 2/TSN: 802.1AS (2020), Qcc, Qbv/Qch/Qcr, IEEE 1722 (2016)
    • TSN adds control traffic support (not just AV)
    • Enhanced stream reservation (802.1Qcc) with centralized management
    • Multiple grandmasters, redundant clock spanning trees
  9. IEEE 1722 Transport Protocol (AVTP)
    • Audio Video Transport Protocol
    • Packet within packet structure (Ethernet → 1722 → payload)
    • Requires 802.1Q header enabled
    • Presentation time for synchronization (max transit time based)
    • Stream ID = talker MAC address + 16-bit unique number
    • 2016 version: Added MJPEG, H.264, encrypted packets, LIN/CAN/FlexRay tunneling
  10. Automotive Industry Adoption
    • BMW pioneered automotive Ethernet, made spec open (no licensing)
    • Interest vs effort matrix for TSN standards
    • 802.1AS: High car manufacturer interest
    • 802.1Qbv: Medium interest from both OEMs and vendors
    • Automotive TSN profile: 802.1DG (still in development)
    • Realtek and other switch vendors support varies
  11. Course Wrap-up Discussion
    • Pending topics: Fuzz testing, TARA, WP.29/ISO 21434, Secure SDLC
    • TARA process: STRIDE analysis approach at APTIV
    • Steps: Asset analysis → Use cases → Data flow diagrams → Attack points → Threats → Impact rating → Mitigations → Cybersecurity goals
    • Challenge: Defining attack paths practically
    • Python certification pending: 12-15 hours, 65% pass threshold
    • Penetration testing lab setup discussion
    • Coverity for MISRA 2015, CERT-C standards

 

Summary: Topic Flow Across Days

Days 1-2:   Foundation → What is automotive security & why it matters

Days 3-5:   Theory → Cryptography basics + CAN bus vulnerabilities

Days 6-7:   CSS → Memory attacks, access control fundamentals

Days 8-11:  Practical → Kali Linux hands-on + Android/QNX hacking

Days 12-13: Advanced Crypto → Hash, MAC, signatures, HSM, TPM

Days 14-15: Mechanisms → Secure boot, OTA updates, architectures

Days 16-17: Web/Side Channel → HTML security + power analysis

Days 18-19: Ethernet → Layer-by-layer security, SecOC, standards

Related Courses