Automotive Security, Hands-on hack training

Description

Security
Interested? Contact us!
1 day
Price: SEK 9.500

Request more information

Lena Bernhardsson
+46 (0) 40 59 22 09
lena.bernhardsson@nohau.se

Cycar CAN HackIn cooperation with Assured AB, we offer this automotive security workshop, aimed at anyone interested in the security of connected vehicles. The course combines theoretical lectures with hands-on challenges against a physical, simulated car.

You will learn how a modern vehicle communicates internally (between components) as well as externally with the driver, passengers and remote services and how to exploit vulnerable or weak implementations of security concepts.

This is a one-day workshop with theoretical and practical parts in an interactive fashion.

You will be given a virtual machine with all the necessary tools and configuration needed to connect to the challenge platform, named “CyCar”. This device tries to simulate a vehicle infotainment and telematics system, often available in modern vehicles.

Target audience

This course mainly target you as a developer or architect working with automotive solutions, but also fits you with an interest in automotive security, hacking and embedded system security.

Attendee prerequisites

  • You are required to possess a basic good understanding of networking and basic Linux commands.
  • A basic understanding of binary and hexadecimal notation is recommended.
  • A basic understanding of cryptography is helpful but not mandatory.
  • A basic understanding of embedded systems is helpful but not mandatory.

The CyCar challenge platform

cycarsOur challenge platform “CyCar” consists of readily available components that are assembled into a small but realistic vehicle infotainment and telematics unit. An ECU controls vehicle characteristics such as speedometer, blinkers, locks and engine state. It is connected via the CAN bus to a single-board computer that runs a Linux OS with connectivity such as Bluetooth and WiFi as well as higher-level applications and services.

The CyCar platform hardware setup is open source for anyone interested in building their own. The firmware and software required for this course is restricted to purchasers of the course.

Course syllabus

Gear N (1h)

  • Introduction
  • Handouts
  • Lab setup

Gear 1 (1h)

  • Theory module 1
    • Security concepts
    • CAN and serial bus communication
    • ECUs and the BusGoat
    • Embedded security
    • Cryptography
  • Understanding and constructing CAN frames
  • Pop-quiz and a short break

Gear 2 (1h)

  • Theory module 2
    • Connectivity and the OBD-II interface
    • Bluetooth
    • WiFi
    • GSM, 4G
    • Telematics
  • Connecting to the CyCar
  • Pop-quiz and a short break

Gear 3 (1h)

  • Theory module 3
    • API and application security
    • Tools and commands
    • Attack vectors
  • Lab overview
  • Trying the different tools
  • Break for lunch

Gear 4 (2,5h)

  • CTF-style hands-on lab
  • Instructor-assisted challenges

Gear 5 (1h)

  • Racing the CyCars
  • Show and tell
  • Price ceremony

Gear R (0,5h)

  • Recap
  • Evaluation

Please contact us for more information!

Don't wait, call us now!