Automotive Cyber Security Training

Please enable JavaScript to view the site.

Elevate Your Skills in Automotive Cybersecurity and Penetration Testing

About the training

Todays connected automotive ecosystems require well designed multilayer cyber security protection, from the security of ECU to ECU communication in the vehicle through backend communication and to the various connected features.

A typical automobile today contains a number of computational systems running up to 100 million lines of programming code. As vehicles continue to expand in complexity, the attack surface of an automobile also expands. A single vulnerable device can leave an entire automotive ecosystem open to attack and the potential exposure ranges from inconvenience to massive safety breakdowns.

This makes the connected automotive ecosystem a valuable target for attackers and consequently it is important to be aware of potential cybersecurity risks and vulnerabilities.

Deloitte has developed its unique training and demonstration environments which are ideal for practicing automotive security testing tools and techniques.

Typical areas covered

Security testing on automotive buses and on connected ecosystem

Security testing of automotive components

Custom practicing environment

Beside many others, it is a safe environment to investigate and attack

●

Automotive communication channels, such as CAN or Automotive Ethernet
●

Security related diagnostic features and functionalities, such as Security Access and flashing
●

Firmware/binaries with reverse-engineering
●

MCU debug interfaces
●

Low level communication channels (e.g. JTAG, I2C, SPI, UART)
●

External memory chips
●

Connected features and communication channels (e.g. BLE, cloud APIs, “smart” features)

Who should attend

Whether you are on blue team or red team side, you can benefit from this class and develop your skills to understand your target, analyze and interface with its communication channels, manipulate functions, identify and to exploit issues.
We always tailor the training content to our clients’ needs to ensure that the participating team can focus on those topics and exercises which are the most relevant for them.

We recommend this training for:

OEMs or Tier 1 suppliers, automotive design engineers
with the goal of designing secure automotive systems

Penetration testers who are interested in automotive hacking

Security professionals who want to develop their skills in the
automotive domain

Red team members with embedded/IoT/other electronic
components in focus

Bug hunters who want to find vulnerabilities in vehicles or their
connected infrastructure embedded systems

Anyone interested in automotive penetration testing

About us

Deloitte Cyber Risk Services (CRS):

●

Our services go beyond technical vulnerability assessments. We translate technical issues found to business risks.
●

More than 500 tests/year worldwide
●

Diverse selection of clients including financial services, telecom and manufacturing and automotive
●

Centre of Excellence for Cyber Security Services in Central Europe
●

Collaborative approach with Deloitte member firms throughout the world
●

Specialized professional team for automotive security testing and training
●

Unique hardware hacking services
●

IoT and ICS security services