Cybersecurity in Automotive

Cybersecurity in Automotive: attacker‑mindset training to harden vehicle systems.

Learn memory safety, input parsing, privilege escalation and Linux defenses in C/C++.

Cover automotive‑specific topics: crypto, attack surface, diagnostics, CAN analysis, fuzzing, ECU vectors.

Gain practical experience in a safe lab with SocketCAN and simulated networks.

How this helps: improve secure design aligned to ISO/SAE 21434 & UNECE R155/R156.

Who it’s for: designed for individuals with embedded/C/C++/security background entering automotive.

Also covers secure boot and V2X risks.

Curriculum

The attacker’s perspective → defensive coding

Finding weak points: input parsing, memory safety, privilege boundaries (high level)
Common exploitation families: return-to-libc/ROP (concepts), format-string, integer over/underflows
Linux hardening concepts: ASLR, stack canaries, RELRO, seccomp — what they do and how to enable them
Defensive C/C++ patterns: bounds checking, safe parsing, least privilege and sandboxing hints

Cryptography fundamentals for automotive

Symmetric vs. public key crypto; cryptographic primitives and typical misuse to avoid
OpenSSL basics (conceptual) and certificate chains; mutual authentication and chain of trust
Secure communication and storage; key provisioning and rotation basics
Secure boot: trust anchors, measured vs. verified boot (architecture-level)

Vehicle attack surface and threat modeling

Top-level architecture and receivers; typical entry points
Threat models and rating systems; mapping to ISO/SAE 21434 risk treatment
Logging strategies and intrusion detection signals for vehicle networks (high level)

Diagnostics and monitoring with SocketCAN (safe lab)

Connecting with SocketCAN in a simulator; capturing and filtering traffic (concepts)
UDS and DTCs: reading basics; staying in diagnostic session ethically and safely
Event logging and traces; brief mention of EDR/SAE J1698 (context)

CAN traffic analysis and fuzz testing (controlled)

Reverse-engineering CAN message structure (high-level process)
Background noise vs. targeted mutation: goals and safety guardrails
Translating messages and observing system response in a simulator

ECU attack vectors (to learn defenses)

Interfaces and protocols: J2534, KWP2000 (conceptual) and Seed-Key challenge–response (principles)
Backdoors and known-bad patterns; firmware tamper risks (overview)
Defenses: challenge–response hardening, anti-rollback, secure flashing and signing policies

Boot sequence and secure boot

Modern boot flows and where to anchor trust; HSM involvement (conceptual)
Power analysis and side channels (awareness only)
Defensive checks: code signing, rollback protection, measured boot attestation (high level)

V2X risks (V2V, V2P, V2C)

Interfaces and potential attack surfaces
High-level mitigations and monitoring signals

Optional modules

Optional — Infotainment and OTA security (concepts)

OTA update trust model; delta vs. full-image, fail-safe behavior
Infotainment attack intro (Linux app hardening, sandboxing) — defensive view

Course Day Structure

Part 1: 09:00–10:30
Break: 10:30–10:45
Part 2: 10:45–12:15
Lunch break: 12:15–13:15
Part 3: 13:15–15:15
Break: 15:15–15:30
Part 4: 15:30–17:30

Why Edocti?

The trainers: the most obvious reason. We love what we do and share the knowledge we build in day-to-day practice.
Relevant content: customized to the engineering team’s real, day-to-day needs.
Hands-on first: all our courses are practical. We don’t believe in "slide courses". Our programs are roughly 70% hands-on and 30% focused theory. We present concepts while working through real-world examples.
Edocti has been working on Automotive projects since 2016.
Our trainers have 11+ years of Automotive experience across Classic AUTOSAR, Adaptive AUTOSAR, SOME/IP, embedded Linux, QNX, INTEGRITY, ISO 26262, etc., on telematics and AD/ADAS programs.
Autonomous Driving and ADAS projects for Volvo and General Motors (end clients) in collaboration with Tier-1 companies in Romania since 2016.
V2X projects for GM and VW (end clients), in collaboration with Tier-1 companies in Romania.
Strong collaboration with Romanian Tier-1 companies for technical training, consulting, architecture and implementation.

Who Should Attend

C/C++ developers, embedded engineers and security-minded practitioners who build automotive software and need a practical, defensive understanding of how attacks work and how to prevent them.

Required Infrastructure

If delivered in the Edocti lab, no equipment is required. Otherwise, each participant needs one laptop with VirtualBox and installation rights. A prebuilt Linux VM image is provided.