Automotive Security Training

Hands-on training in automotive hacking techniques - by NDIAS

Overview

Our training programs are educational ones to acquire the basic knowledge and attack techniques useful for automotive security.
This training program covers not only hardware and software composing ECUs, but also automotive interfaces, e.g., cellular, Wi-Fi, Bluetooth, CAN, NFC, IP. In the training programs, you can experience practical hands-on hacking techniques against increasingly complex vehicles, which helps you acquire basic knowledge for security measures

Assumed participants

  • Personnel in the information security department of automotive manufacturer
  • Personnel in the electronic platform development of automotive manufacturer
  • Personnel in the information security department of supplier
  • Personnel in the product development department of supplier

etc.

The training is consisted of several programs. And, they cover the following topics through classroom-style lecture and hands-on training. In the hands-on training, participants can learn how to breach TCU/IVI on emulated environment.

hands-on training environment

Training course Training Details
Hardware
  • Hardware basics
  • Analyze the target PCBs
  • Hands-on training for extracting and rewriting ROM data with debug I/F (JTAG, UART, etc.)

etc.
Cellular
  • Cellular network basics
  • Attack techniques using cellular networks
  • Hands-on training using a fake base station

etc.
Wi-Fi
  • Wi-Fi basics
  • Attack techniques against Wi-Fi
  • Hands-on training on attacks to recover keys and passphrases

etc.
IP layer
  • IP layer basics
  • Attack techniques against IP layer
  • Analyze active TCP/UDP ports, known vulnerabilities

etc.
Bluetooth
  • Bluetooth basics
  • Attack techniques against Bluetooth
  • Hands-on training for wiretapping and spoofing

etc.
NFC
  • NFC basics
  • Attack techniques against NFC
  • Hands-on training for key analysis, wiretapping, and spoofing

etc.
CAN
  • CAN basics
  • Attack techniques against CAN
  • Hands-on training for wiretapping and spoofing

etc.
Application layer
  • Security basics of application layer
  • Attack techniques against application layer
  • Attack techniques via USB interface

etc.

Training Details

Venue
  • The place you prepared by your company (e.g. in your office)
  • Or a venue prepared by us

Note: Details will be decided individually
Minimum number of participants 20 people
*If less, decided individually.
Note: We currently accept requests only from companies.
Period 5 days
Note: It is also possible to select and customize the programs as you need.
Training schedule
(standard pattern)		 Day 1: Hardware
Day 2: Wi-Fi, IP
Day 3: Bluetooth
Day 4: CAN, Applications
Day 5: Cellular, NFC
Note: This program is customizable

Service Flow

Flow of Automotive Security Training

 

Contact