Automotive Systems Hacking (On-site Training)

Automotive Security is becoming more and more important, but entrance into this research field is still very difficult.

In this training, we will teach all basics of automotive protocols and systems which are required to understand all details and specialties of ECUs. We will provide physical ECUs for hardware reverse engineering and explanation, a virtualized and remote environment to overcome the usual difficulties during practical work on hardware systems. In the automotive industry, every OEM has its own design philosophy. We introduce relevant tools and background information, necessary for the hacking of real cars and ECUs. Last but not least, we show automation strategies for automotive network security and system security assessments.

Key Learning Objectives:

• How to identify attack surfaces on ECUs
• Understand low level CAN communication and attacks
• Obtain an overview on common vehicle architectures and network topologies
• Know the most relevant protocols in current vehicles
• Receive hands-on experience in automotive network scans
• Get an overview on toolchains of OEMs and their software update mechanisms
• Know basics about current immobilizer systems

Target Audience:

• Researchers and Engineers either with a Background in Security or in Automotive.

Requirements:

• Laptop with WiFi or Ethernet and Admin / root privileges
• (Arch) Linux is the preferred OS
• SSH client
• Installation of latest Ghidra version
• Installation of Wireshark and Python3

Prerequisite:

• Basic knowledge of programming (C, Python)
• Basic knowledge of Linux
• Basic knowledge of embedded systems is a plus, but not required
• Basic knowledge of firmware reversing with Ghidra is a plus, but not required
• Basic knowledge of Wireshark or Scapy is a plus, but not required