Introduction:

In today's interconnected world, vehicles are at the forefront of technological innovation. With every manufacturer racing to introduce cutting-edge features like Fleet Management Systems, Advanced Driver Assistance Systems (ADAS), and Autonomous Technologies, the automotive landscape is evolving rapidly. However, this surge in sophistication also brings forth new challenges, particularly in cybersecurity.

At our training program, we recognize the critical need for specialized skills in securing the vehicles of tomorrow. With the proliferation of third-party vendors providing essential systems, the vulnerability of automotive technologies cannot be overstated. From traditional Internal Combustion Engine (ICE) vehicles to the emerging Battery Electric Vehicles (BEV) and hybrid technologies, the complexity of vehicle features is reaching unprecedented levels.

Our comprehensive course delves deep into the realm of automotive cybersecurity, focusing on the ISO 21434 standard as the cornerstone of industry best practices. Participants will gain invaluable hands-on experience by working with real-world Cars and conducting security testing on their components.

Table of Content

Course Overview

  1. Module 1
    • Introduction to Automotive Industry: Explore the dynamic world of automotive technology, from fleet management systems to Advanced Driver Assistance Systems (ADAS) and beyond.
    • Vehicle External Communications: Learn how vehicles communicate with the outside world and the implications for cybersecurity.
    • Vehicle EE Architecture: Dive into the intricate architecture of modern vehicles' electrical and electronic systems.
    • Briefing of ECU Groups/Domains: Understand the organization and function of Electronic Control Units (ECUs) within vehicles.
    • ISO 21434 Introduction and Exercises:Gain insight into automotive cybersecurity standards, including practical exercises covering cybersecurity management, TARA, product development phases, and more.
  2. Module 2
    • Vehicle Network and Attacks: Explore the complexities of vehicle networks and potential vulnerabilities.
    • Briefing of Vehicle Protocols:Understand the various protocols used in vehicles, with a focus on the CANBUS protocol.
    • Briefing of CAR Hacking Tools: Get hands-on experience with tools used for hacking vehicles.
    • Practical Exercises: Engage in practical exercises including eavesdropping on CANBUS messages, reverse engineering CANBUS frames, conducting replay attacks, sending forged CANBUS messages, exploring DOS attacks, Canbus fuzzing, and more.
  3. Additional Resources:
    • Virtual Machine Toolkit: Access a dedicated virtual machine equipped with essential toolkits for post-training vehicle security testing.
    • Comprehensive Learning Materials: Dive into detailed slide decks covering theoretical concepts
From understanding the basics to mastering advanced techniques, our "Reversing and Exploitation of Vehicles" course caters to beginners and intermediate learners alike. Join us and become a pioneer in automotive cybersecurity!

Pre-Requisites :

  • Basic knowledge of Any Cybersecurity
  • Knowledge of Linux OS
  • Basic knowledge of programming – python
  • Automotive Background (Added Advantages but not compulsion)

Hardware / Software / Internet Requirements

  • Laptop with at least 50 GB free space
  • 8+ GB minimum RAM (4+GB for the VM)
  • External USB access (min. 2 USB ports)
  • Administrative privileges on the system
  • Virtualization software – Latest VirtualBox (5.2.X) (including Virtualbox extension pack) or Vmware player/Workstation
  • Linux host machines should have exfat-utils and exfat-fuse installed (ex: sudo apt-get install exfat-utils exfat-fuse).
  • Virtualization (Vx-t) option enabled in the BIOS settings for virtualbox to work

Duration

2 days

Who should attend?

  • Penetration testers tasked with auditing Automotive/Vehicle components
  • Bug hunters who want to find new bugs in Automotive field
  • Government officials from defensive or offensive units
  • Security professionals who want to build Automotive security skills
  • Embedded security enthusiasts
  • Automotive OEM and Component Manufactures
  • Automotive Engineers, Managers and Stake Holders
  • Anyone interested in Automotive security

What to expect?

  • Hands-on Labs on Simulation, Car/ Electric Scooter and It's Components
  • Reversing fun
  • Getting familiar with the Automotive Cybersecurity
  • This course will give you a direction to start performing pentest on Vehicle, Electric Scooter and their components

What not to expect?

  • Becoming a CAR hacker overnight. Use the knowledge gained in the training to start pentesting Automotive vehicles, Componets and sharpen your skills.