Filter by Category
Our Classes
Defensive Embedded Automotive Systems Security
with GRIMM AutoSec Team
NOTE: THIS COURSE REQUIRES AT LEAST 3 REGISTRANTS TO BE HELD.
Course Description:
In this course, participants will gain an understanding of the embedded systems cybersecurity threat landscape from an attacker's perspective. Attack surfaces will be highlighted, with a focus on attack techniques to provide insight into creating better defensive designs. Participants will enhance their abilities to integrate defensive security measures into their hardware and firmware design.
Using automotive hardware as an example platform, students will learn to develop strategies for minimizing attack surfaces and creating designs that are more resistant to security breaches.
You will leave the course knowing:
- Types of networks and how to communicate with them, from IT backend to in-vehicle communication
- Access control mechanisms
- A deep understanding of CANbus and other in-vehicle ICS protocols
- How attackers bypass many common hardware and software security measures and how to prevent this
- Dangers of poor cryptographic implementations
- Code signing flaws
- Firmware update design flaws
- Inter-ECU Communication Weaknesses
- Wireless radio (BT, Wifi, other RF) weaknesses
- Where to focus security hardening efforts for the best results
Course Outline:
Day 1
- Intro
- CAN
- Advanced CAN
- CAN-FD
- ISO-TP
- UDSSAE
- J1939SAE
- J2534
- Other Buses
- AutomotiveEthernet
Day 2
- UDS Update Hacking
- Encryption
- Secure Hardware Design
- Attacking Hardware
Day 3
- Wireless/RKE
- IVI
- Telematics/OTA
- V2X
Day 4
- Supply Chain Risks
- Threat Modeling
- Software Reverse Engineering
Day 5
"Capture the Flag" Hacking Competition
Who Should Attend:
- Anyone interested in exploring embedded systems security
- Mechanical / Electrical / Automotive Systems Developers
Note: GRIMM’s trainers strive to accommodate students with all levels of technical knowledge. However, students with some technical background, understanding of automotive technologies, and programming language(s) will excel at the hands-on lab activities incorporated into the course. That being said, even beginners will still walk away with a plethora of knowledge and a new world of doors opened to them.
WHAT TO BRING:
Students need to bring a laptop capable of:
- Running the VirtualBox virtualization engine and x86 VMs (no "Apple Silicon" M1 or M2 Macs; no Chromebooks).
- Allowing the user to have Local Admin privileges (Generally no company-issued laptops)
All other necessary hardware and materials will be provided by GRIMM.