Your browser is not optimized for viewing this website.

More information »

GRIMM Cyber

GRIMM's Defensive Automotive Engineering Training

with AutoSec Team

$4,000

Register

Only 3 days left to register!

Course Description

In this course, participants will gain an understanding of the automotive cybersecurity threat-landscape from an attackers perspective. Automotive attack surfaces will be highlighted, with a focus on attack techniques to provide insight into creating better defensive designs. In addition to traditional course lectures, the attendee will benefit from hands-on offensive exercises in a lab environment. These exercises will ensure each student cements their new-found comprehension of real-world exploitation. Participants will enhance their abilities to integrate defensive security measures into their vehicle networks.

Course Objectives

This 5-day course will expose each student to the attacker’s perspective of automotive security. Each day the student will have hands-on labs to complement the days lecture. During this week students will learn to develop strategies for minimizing attack surfaces and creating designs that are more resistant to security breaches. They will leave the course knowing:

  • How to think about attackers and security in Automotive Design
  • What lengths attackers can and will go to in order to
  • What kinds of information/capability is available to attackers, how to discover it, and how to use it
  • Pragmatic approaches to managing risk in vehicle networks
  • How to improve Automotive Cybersecurity today, planning for the complete vehicle lifecycle
  • Strategies for Connected Legacy Vehicles
  • Where to apply significant security resources to the best result

Building on Real-World examples, students will gain hands-on experience and classroom details of many currently-deployed security problems -- and how to detect, avoid, and fix them -- including:

  • Poor Cryptographic Implementations
  • Code Signing Flaws
  • Code Management Issues
  • UDS Design and Implementation Bugs
  • Code Update Design Flaws
  • Inter-ECU Communication Weaknesses

And the basics of Reverse Engineering of Hardware and Software to make it all real.

Daily Highlights

Day 1:

  • Approach to Secure Design Thinking.
  • CAN Tools and Low-Level Interactions
  • CAN-FD
  • ISO-TP Details

Day 2:

  • Interactive UDS
  • J2534, Software Updates, and ECU Configuration
  • Introduction to Hardware Reverse Engineering
  • Remote Code Execution

Day 3:

  • FlexRay, LIN, and other modern communication Details
  • Infotainment Flaws and Remedies
  • Telematics Attack Surface and Current Design Flaws

Day 4:

  • J1939 and CAN
  • Supply Chain Woes and Guidance
  • Automotive Risk Assessment
  • Remote Keyless Entry and Passive/Proximity Key Problems
  • Introduction to Software Reverse Engineering

Day 5:

  • Vehicle to Everything (V2X) Attack Surface and Methods
  • Automotive Ethernet
  • Capture The Flag!

Things Students Should Know

GRIMM’s trainers strive to accommodate students with all levels of technical knowledge. However, students with some technical background and knowledge of automotive technologies will glean more from the hands-on lab portions of the course. Additionally, several of the tools used will be learned more easily by students with a passable understanding of a programming language (e.g, have written more than a “Hello World”-type program).

Items Students Should Bring

Students need to bring a laptop that can run the VirtualBox virtualization software (Windows/Linux/Mac, no Chromebooks). All other necessary material will be provided by GRIMM.

Hotel Information 

Swan Inn Motel

Comfort Inn Grand Rapids

Holiday Inn Express

  • Apr 23 - 27th, 2018

    Will run

Comfort Suites Grand Rapids North

350 Dodge Street
Comstock Park, MI 49321 Get directions





Forgot password?