`
Event Single

In Vehicle Cybersecurity Workshop 2


Date: 2022-05-09


Time: 07:00 AM EST


Location: Online / In person




Full Price




$800 USD


Event Sponsors





Event Agenda

In Vehicle CyberSecurity Workshop

Event details:

Start Date: May 09

End Date: May 12

Duration; 32 hours (8 Hour day)

Course Outline PDF Download: 
https://www.cyberxltr.com/downloads/Vehiqilla-Automotive-Cybersecurity-Training.pdf

Trainer Profile:
Raneez Ahmed - Automotive Cybersecurity Specialist

I am the Technical Lead VSOC of Vehiqilla Inc, concentrating on performing Automotive Cybersecurity activities like building Vehicle Security Operations Center (VSOC), Vehi-VSOC, and its application Infrastructure. Moreover, I am pursuing research on Electric Vehicle Cybersecurity, working on V2X cybersecurity data protection project, and holding CompTIA Security+ certification.

For more information, please email Raneez at raneez@vehiqilla.com

Course Content

The In-Vehicle Cybersecurity Workshop provides a broad range of in-depth knowledge about In-Vehicle Cybersecurity, explaining the threats, vulnerabilities, and the methods of performing the penetration testing for the vehicle components. The course also describes the V2X security, focusing on the security issues between the vehicle and cloud/manufacture backend communication. Moreover, the course explains various tools and software for performing threat, vulnerability, and penetration findings.

Course Benefits

This course will help you:

Know about the different Cyber Attack Vectors for vehicles

Gain a strong foundation in the Automotive Cybersecurity platform

Understand the basics of penetration testing, vulnerability analysis, and threat modeling

Who Should Attend (Pre-requisite)

This training provides participants in the automotive industry with the necessary basic knowledge to be able to consider the new cybersecurity requirements according to the ISO/SAE 21434 security standard. 

This training is appropriate for people who work in the automotive cybersecurity, management, engineering, or audit environment. 

It is also suitable for the project, process, and sales managers, as well as those interested in the topic

Automotive Engineering Manager

Automotive Product & Infrastructure

Automotive embedded device & system engineers, designers, testers, manufacturers and suppliers

Developers working with embedded systems

Ethernet and CAN Bus Software Engineers and Testers

Autonomous Vehicle Development Software and Hardware Engineers

Automotive Verification and Validation Engineers and Managers

Course Outline

Automotive Cybersecurity 101

•        Introduction to Cybersecurity

•        Transformation in Mobility

•        Connected and Autonomous Vehicles (CAV)

•        Vehicle Technologies

•        Cyber Challenges in CAVs

•        Recent Cyber Attacks on CAVs

•        Difference between IT and Automotive Cybersecurity

ISO 21434  and Assessment overview

•        Overview of ISO21434 Cybersecurity Framework

•        Introduction to TARA

•        Organizational Cybersecurity Management

•        Project Dependant Cybersecurity Management

•        Distributed Cybersecurity Activities

•        Continual Cybersecurity Activities

•        Concept Phase

•        Product Development Phase

•        Post Development Phases

UNECE WP 29 

•        UNECE WP.29

•        UNECE R155 CSMS

•        UNECE R156 SUMS

•        Business and Security Objectives

•        TARA Methods

•        Technical Scope Definition

•        Decompose the Application

•        Identify Threat Agents

•        Identify the Vulnerabilities

•        Enumerate the exploits

•        Perform Risk and Impact Analysis

•        Cyber Monitoring

•        Fleet Incident Management

•        Cyber Monitoring Demo: Vehiqilla Vehi-SOC

Vehicle Attack Vectors

•        Third Party Apps

•        Key Fob Hacking

•        OBD II Hacking

•        Vehicle to vehicle

•        Vehicle to Infrastructure

•        Vehicle to Everything

•        Personal Data

Vehicle Security Concepts

•        CIA

•        Authentication

•        Encryption

•        Cybersecurity elements of the Vehicle

•        Vehicle Connectivity

•        V2X Cybersecurity Challenges

•        Electric Vehicle Cybersecurity

•        Security By Design

•        Privacy & Tracking

In-Vehicle Architecture

•        Assets inside Vehicle

•        In-Vehicle Communication

•        CANBus

•        SAE J1939

•        Automotive Ethernet

•        Wi-Fi

•        Bluetooth

•        GSM

Perform Automotive Threat modelling  (TARA)

•        Business and Security Objectives

•        TARA Methods

•        Technical Scope Definition

•        Decompose the Application

•        Identify Threat Agents

•        Identify the Vulnerabilities

•        Enumerate the exploits

•        Perform Risk and Impact Analysis

Development area of Cybersecurity

•        Development areas in end-to-end Encryption

•        Security gap in vehicle Certificates

•        Key Storage

•        Managing Passwords

•        Secure software Development

How to assess vulnerabilities of Vehicle/ECUs

•        Active Vehicle Vulnerability Analysis

•        Passive Vehicle Vulnerability Analysis

•        Supply Chain Vulnerability Analysis

•        Software Vulnerability Analysis

•        Key Cyber Attack Vectors in Automotive

Cybersecurity algorithm in Automotive

•        Software Development in Automotive World

•        Cyber-Secure Implementation and Prevention

•        Security By Design

•        Life Cycle Management Security Post-Production

Software Artifacts update Over Air protection

•        OTA (Over the Air Updates)

•        Entities involved in OTA updates

•        Technical Overview on remote software updates

•        Cybersecurity in OTA updates

•        Cybersecurity challenges in remote SW update

Hacking into an Vehicle/ECU

•        Pre-Engagement (25 mins)

•        Vehicle/ECU Intelligence Gathering

•        Automotive Threat Modeling

•        ECU Vulnerability Analysis 

•        ECU Exploitation 

Different verification Mechanisms

•        Passive Vehicle Reconnaissance

•        Active Vehicle Reconnaissance

•        Whitebox Automotive Pen-Testing

•        Blackbox Automotive Pen-Testing

Tools/Infrastructure needs

•        Scanning Tools

•        Wi-Fi Tools

•        Bluetooth Tools

•        Tools for GSM network

•        Purpose & Working of each Tools

Live Demos & Exercises

•        Fleet Cyber Monitoring Live Demo

•        Collection of Vehicle Cybersecurity Logs Demo