Filter by Category
GRIMM's Defensive Automotive Engineering Security Training
with CyPhy Team
In this course, participants will gain a practical understanding of the automotive cybersecurity threat landscape from an attacker’s perspective. Automotive-specific vulnerabilities will focus on exploitation and attack techniques to better inform security in code design and development. Attendees will participate in extensive hands-on offensive exercises in a lab environment in addition to traditional course lectures. These exercises expose each student to real-world exploitation methods and enable a richer experience that gives real-world context and understanding of the threat environment. After course completion, participants will have enhanced their ability to integrate cyber security into vehicle-centric systems and networks.
This 5-day course will expose each student to the attacker’s perspective of automotive security. Each day the student will have hands-on labs to complement that day’s lecture. During the course, students will learn to develop strategies for minimizing attack surfaces and creating designs more resistant to attack and compromise.
Building on real-world examples, students will gain hands-on experience and technical details of many current, real-world security problems -- and how to detect, avoid, and fix them, including basic Hardware and Software Reverse Engineering.
● Approach to Secure Design Thinking.
● CAN Tools and Low-Level Interactions
● ISO-TP Details
● Interactive UDS
● J2534, Software Updates, and ECU Configuration
● Introduction to Hardware Reverse Engineering
● Remote Code Execution
● FlexRay, LIN, and other modern communication Details
● Infotainment Flaws and Remedies
● Telematics Attack Surface and Current Design Flaws
● J1939 and CAN
● Supply Chain Woes and Guidance
● Automotive Risk Assessment
● Remote Keyless Entry and Passive/Proximity Key Problems
● Introduction to Software Reverse Engineering
● Vehicle to Everything (V2X) Attack Surface and Methods
● Automotive Ethernet
● Capture The Flag!
Who Should Attend:
- Mechancial / Electrical / Systems Automotive Engineers
- Computer Science / Networking Professionals interested in exploring Automotive Security
Note: GRIMM’s trainers strive to accommodate students with all levels of technical knowledge. However, students with some technical background, understanding of automotive technologies, and programming language(s) will excel at the hands-on lab activities incorporated into the course.
Students need to bring a laptop capable of running the VirtualBox virtualization software (Windows/Linux/Mac, no Chromebooks).
All other necessary material will be provided by GRIMM.