Trainings & Workshops

As cars become more interconnected, they also become more vulnerable. Stay ahead of the curve with our customizable trainings & workshops. Delve into the fundamentals of automotive protocols and ECUs to identify attack surfaces effectively. Learn to hack real cars with insights into OEM design philosophies and firmware reverse engineering. Explore automation strategies for network and system security assessments. From CAN communication to firmware dumping, our trainings cover it all and can be tailored to match your individual requirements.

Outline


  • Attack Surface Identification: Learn to pinpoint vulnerabilities on Electronic Control Units (ECUs) for effective security assessments
  • Low-Level CAN Communication: Understand the intricacies of CAN communication and vulnerabilities at the protocol’s foundational level
  • Vehicle Architecture Overview: Gain insights into prevalent vehicle architectures and network topologies for comprehensive understanding
  • Relevant Protocols Mastery: Acquire knowledge about essential protocols utilized in contemporary vehicles for targeted security analyses
  • Hands-On Network Scanning: Engage in practical automotive network scans to identify potential vulnerabilities and weaknesses
  • Diagnostic Protocol Exploitation: Explore techniques to attack diagnostic protocols, including firmware dumping and reverse engineering for in-depth analysis
  • Security Access Breaching: Break through security access mechanisms deployed in modern vehicles to assess system vulnerabilities effectively
  • Immobilizer Basics: Get an overview about current immobilizer systems

Applications

  • Embedded Systems
  • Automotive Systems
  • Industrial Systems
  • Aviation & Aerospace Systems
  • Maritime Systems
  • Defense Systems
  • IoT (Internet of Things) Devices

Syllabus

  1. Fundamentals of vehicular networks & protocols
  2. Controller Area Networks: Explore low-level attacks, utilize Scapy CAN layer, understand DBC file format, investigate Man-in-the-Middle (MITM) attacks, implement AUTOSAR SecOC security mechanisms, and employ fuzzing techniques
  3. ISOTP: Understand the basics, investigate Man-in-the-Middle (MITM) attacks, and perform network scanning
  4. UDS / GMLAN: Utilize UDS and GMLAN in Scapy, manage Security Access, and conduct Network Scanning
  5. DoIP / HSFZ: Delve into the basics of protocols, implement DoIP and HSFZ in Scapy, and gain proficiency in their handling using relevant tools
  6. SOME/IP: Familiarize yourself with the basics of SOME/IP and explore associated tools for implementation and analysis.
  7. CCP / XCP / OBD2: Understand the fundamentals of CCP (CAN Calibration Protocol), XCP (Universal Measurement and Calibration Protocol), and OBD2 (On-Board Diagnostics) for vehicle diagnostics and communication
  1. OEM-specific knowledge: Dive into attacks on vehicles, explore security access implementations and update processes, gain an overview of OEM-specific tools, and understand electronic immobilizers in automotive systems.
  2. Hardware Reverse Engineering: Learn to identify interfaces, grasp the basics of JTAG (Joint Test Action Group) protocols, and explore various methods for reading out firmware from embedded systems
  3. Reverse Engineering: Get acquainted with Ghidra basics, understand common processor architectures, learn to handle memory maps, reverse engineer peripheral components, manage interrupt vector tables, identify automotive protocols like UDS (Unified Diagnostic Services), decode security access algorithms, analyze intercommunication between bootloader and flashloader, and reverse engineer state machines and AUTOSAR (AUTomotive Open System ARchitecture)

Exercise Environment

Remote ECU: The remote system facilitates the handling of the ECUs by avoiding wiring efforts. Available Manufacturers: BMW, VW, Opel, Tesla, Mercedes, Audi. The following ECU types are available: Body Domain Controllers, Gateway ECUs, Telematics ECUs, Airbag ECUs, Dashboard ECUs, Immobilizer ECUs

Physical ECU: Various ECUs will be brought on-site for training in hardware reverse engineering as well as handling ECUs

Virtualized vehicle: By simulating a vehicle and CAN messages while driving, participants can learn how to handle low-level CAN messages and how to manipulate them

Virtualized ECU: A modified digital twin of a real ECU, which includes various IT security exercises that can be performed by the participants independently

*product specifications and features are subject to change without prior notice as we continuously strive to improve our products