Lesson 1Logical architecture mapping: methods to document network zones, trust boundaries, data flows between ECUs, gateway, telematics, and cloudThis part shows ways to record logical setups, covering network areas, trust lines, and data movements between ECUs, gateways, telematics units, and cloud services, aiding planned threat assessment and safeguards.
Spotting assets and communication pointsSetting network zones and security ranksRecording trust lines and premisesModelling ECU, gateway, and cloud data streamsEmploying diagrams for threat assessmentLesson 2Automotive Ethernet fundamentals: PHY, switched topology, VLANs, TSN basics relevant to vehiclesThis part covers basics of Automotive Ethernet, including PHY choices, wiring, and switched setups. It describes VLAN division, QoS, and TSN features for reliable, safety-linked traffic in today's vehicle networks.
Automotive Ethernet PHYs and wiring choicesSwitched setups and backup patternsVLAN division and traffic splittingQuality of Service and priority toolsTSN ideas for reliable in-vehicle trafficLesson 3CAN bus fundamentals: signal framing, message IDs, arbitration, ECU rolesThis part introduces CAN bus ideas, including frame build, identifiers, and arbitration. It covers ECU parts on the bus, common signal patterns, and timing, readying learners to check and secure CAN traffic.
CAN frame build and bit-level signalsStandard vs extended identifiers and ID planningArbitration, bus load, and priority managementECU send, receive, and diagnostic partsError management, fault limits, and bus-offLesson 4ECU types and responsibilities: powertrain, gateway, infotainment, telematics, domain controllersThis part sorts ECU types and duties, covering powertrain, body, infotainment, telematics, and domain or zone controllers, and shows how their parts affect security needs and network spots.
Powertrain and chassis control ECUsBody, comfort, and ADAS control unitsInfotainment head units and media unitsTelematics control units and link ECUsDomain and zone controllers in new E/E plansLesson 5External interfaces mapping: cellular modem, Wi‑Fi, Bluetooth, OBD‑II — protocols, typical vulnerabilities, typical access modelsThis part maps main external links like cellular, Wi‑Fi, Bluetooth, and OBD‑II. It checks protocols, usual weaknesses, and access ways, showing how foes shift from outer faces into in-vehicle networks.
Cellular modem stacks and remote access routesWi‑Fi client, hotspot, and setup modelsBluetooth profiles and pairing flawsOBD‑II physical access and diagnostic protocolsCommon wrong setups and misuse casesLesson 6Data classification and sensitive assets: safety-critical messages, cryptographic keys, firmware images, personal data on infotainment/telematicsThis part starts data sorting for automotive systems, focusing on safety-vital signals, crypto keys, firmware images, and personal data, and shows how sorting leads protection and holding controls.
Spotting safety-vital control messagesHandling crypto keys and key stuffSafeguarding firmware images and update filesDealing with personal and telemetry data in vehiclesHolding, removal, and forensic needsLesson 7Cloud backend components and interfaces: backend update server, device registry, authentication, telemetry ingestion, API gatewaysThis part shows cloud backend parts that link with vehicles, including update servers, device lists, auth services, telemetry intake, and API gates, stressing trust, identity, and safe data swap.
Backend update servers and campaign controlDevice identity, list, and life statesAuthentication, tokens, and certificate handlingTelemetry intake, storage, and analytics flowsAPI gates, rate limits, and zero trustLesson 8Gateway ECU function and secure gateway design patterns: routing, protocol translation, firewalling, isolationThis part covers gateway ECU works, including routing, protocol shift, and traffic filter. It starts safe gateway design patterns for split, intrusion spot aid, and controlled diagnostic access.
Routing between CAN, LIN, and Ethernet partsProtocol shift and message standardFirewall rules and policy force pointsNetwork split and split plansSafe diagnostics and auth access
