Learning objectives
To understand the main security threats to the automotive field
To identify vulnerabilities in automotive systems
To design secure information systems in the automotive field
Course unit content
Architecture of modern and future in-vehicle networks [approx. 8 hours - 1 CFU]
- CAN, CAN FD, Flexray, MOST, LIN, Ethernet
- WiFi, bluetooth, NFC, radio frequencies
- Electronic control units and automotive control modules
- telematic boxes
Foundations of cyber security targetet to automotive applications [approx. 8 hours - 1 CFU]
- confidentiality, integrity and availability
- vulnerabilities and attacks
- modern cryptography
Threat analysis for modern vehicles [approx. 8 hours - 1 CFU]
- attack surfaces (physical access, proximity, remote)
- attacker profiles (external actors, owners, maintainers, specificities of car rental and sharing)
- attacker tools and strategies (reverse engineering, sniffing, replay, fuzzing, software and hardware tools)
Analysis of known cyber attacks against licensed vehicles [approx. 8 hours - 1 CFU]
Relevant standards and norms [approx. 8 hours - 1 CFU]
- UN/ECE R155
- UN/ECE R156
- ISO/SAE 21434
- ISO 24089
Prevention and detection of cyber attacks [approx. 8 hours - 1 CFU]
- Secure boot, secure firmware update, secure OTA
- Hardware security modules
- secure gateways and data diodes
- intrusion detection for in-vehicle networks
- intrusion detection for V2X applications
Bibliography
The Car Hacking Handbook, Craig Smith, No Starch Press
Security for Automotive Electrical/Electronic (E/E) Architectures, Philipp Mundhenk, Cuvillier Verlang Gottingen
Teaching methods
Lectures
Laboratory activities