Search

Embedded Systems Security Training for Automotive

Embedded Security for Automotive is brought to you by embedded device security veterans, with years of expertise in securing payment and content protection applications. In this training you will look at an automotive solution from an attacker’s perspective. You will learn how ECUs can be hacked, and identify ways to apply this knowledge to your product and make it more robust. As a result, you will obtain the expertise to make effective security-related decisions throughout the entire development life-cycle of a vehicle electronic system.

Duration: 3 days | Type: Classroom/hands on

Upcoming training: November 5-7. Learn more and sign up

Learning Objectives

The goal of the three day interactive training is to gain an overview of in vehicle security with focus on critical systems. In the training your team gains a solid technical grasp of the fundamentals of security engineering, and how they relate to typical sub-components presented on an embedded system, and the functionality of an embedded system.

Next, we look at the automotive target from the perspective of an attacker who aims to compromise the systems assets, gaining runtime control and or retrieving sensitive data, etc. You will new skill sets for identifying these assets, determine the most likely attack paths an attacker will use and refine this attack path in order to discover tooling available to an attacker used to compromise the system. During the training we discuss why implementation attacks are a threat to the security of protocols and cryptographic algorithms,  MISRA-C coding guidelines, side channel analysis and fault injection attacks.

Finally, we discuss system defense strategies which is the most sophisticated and complex view of an embedded system. Creating a defense strategy requires not only to understand of how a system works or how an attacker would compromise an asset, but also to have the ability to prioritize defense according to risk, time, cost, attack surface, etc.

Who is this training for?

This training is ideal for engineers and managers with limited to no security knowledge working at manufacturers and suppliers in the automotive, trucks, rail and aviation industries, in the following roles: System Engineering, Cyber Security management, Software architecture.

The Riscurino

We believe learning by doing is the best way to develop your knowledge and skills. Starting with a good conceptual understanding we move quickly to apply your knowledge to real-world examples. For the hands-on exercises we use our custom made board, which emulates a vehicle electronic system.

The Riscurino is an Arduino-based board featuring two CAN controllers. Thanks to the onboard jumpers, the CAN controllers can be connected differently, allowing to simulate different car network configurations. In addition to the standard logical attacks on the CAN bus, the Riscurino is designed to facilitate side channel and fault injection attacks, thanks to the separated power plane for the processor. Applications for the Riscurino can be easily created using an open development environment (Eclipse+GCC) and a USB bootloader for flashing.

Interested? View the upcoming courses or get in touch with us

Please click here to access our e-learning platform where you will be able to view the upcoming dates for this training. Once you have your plans defined, there you can also register and purchase your seat right away. If you have questions or would like to discuss a special training program for your company, please contact us at trainingacademy@riscure.com.

By continuing to browse this website, you agree to the use of cookies and data processing according to our privacy statement. Close