Lesson 1Logical architecture mapping: methods to document network zones, trust boundaries, data flows between ECUs, gateway, telematics, and cloudThis part presents ways to record logical architectures, covering network zones, trust boundaries, and data movements between ECUs, gateways, telematics units, and cloud services, aiding systematic threat modelling and controls for Namibian automotive systems.
Identifying assets and communication endpointsDefining network zones and security levelsDocumenting trust boundaries and assumptionsModeling ECU, gateway, and cloud data flowsUsing diagrams to support threat modelingLesson 2Automotive Ethernet fundamentals: PHY, switched topology, VLANs, TSN basics relevant to vehiclesThis part discusses basics of Automotive Ethernet, including PHY choices, cabling, and switched setups. It covers VLAN division, QoS, and TSN features for reliable, safety-related traffic in modern Namibian vehicle networks.
Automotive Ethernet PHYs and cabling optionsSwitched topologies and redundancy patternsVLAN segmentation and traffic separationQuality of Service and priority mechanismsTSN concepts for deterministic in-vehicle trafficLesson 3CAN bus fundamentals: signal framing, message IDs, arbitration, ECU rolesThis part introduces CAN bus ideas, including frame build, identifiers, and arbitration. It explains ECU functions on the bus, common signalling patterns, and timing, readying learners to examine and secure CAN traffic in Namibian contexts.
CAN frame structure and bit-level signalingStandard vs extended identifiers and ID designArbitration, bus load, and priority handlingECU transmit, receive, and diagnostic rolesError handling, fault confinement, and bus-offLesson 4ECU types and responsibilities: powertrain, gateway, infotainment, telematics, domain controllersThis part sorts ECU types and their duties, covering powertrain, body, infotainment, telematics, and domain or zone controllers, and how their roles shape security needs and network positions in Namibian vehicles.
Powertrain and chassis control ECUsBody, comfort, and ADAS control modulesInfotainment head units and media modulesTelematics control units and connectivity ECUsDomain and zone controllers in new E/E designsLesson 5External interfaces mapping: cellular modem, Wi‑Fi, Bluetooth, OBD‑II — protocols, typical vulnerabilities, typical access modelsThis part outlines main external interfaces like cellular, Wi‑Fi, Bluetooth, and OBD‑II. It reviews protocols, usual weaknesses, and access ways, showing how attackers shift from external points into in-vehicle networks in Namibian settings.
Cellular modem stacks and remote access pathsWi‑Fi client, hotspot, and provisioning modelsBluetooth profiles and pairing weaknessesOBD‑II physical access and diagnostic protocolsCommon misconfigurations and abuse scenariosLesson 6Data classification and sensitive assets: safety-critical messages, cryptographic keys, firmware images, personal data on infotainment/telematicsThis part introduces data sorting for automotive systems, focusing on safety-critical signals, crypto keys, firmware images, and personal data, and how sorting directs protection and holding controls in Namibian vehicles.
Identifying safety-critical control messagesManaging cryptographic keys and key materialProtecting firmware images and update filesHandling personal and telemetry data in vehiclesRetention, deletion, and forensic requirementsLesson 7Cloud backend components and interfaces: backend update server, device registry, authentication, telemetry ingestion, API gatewaysThis part explains cloud backend parts that link with vehicles, including update servers, device lists, authentication services, telemetry intake, and API gateways, stressing trust, identity, and safe data swap in Namibian fleets.
Backend update servers and campaign controlDevice identity, registry, and lifecycle statesAuthentication, tokens, and certificate handlingTelemetry ingestion, storage, and analytics flowsAPI gateways, rate limiting, and zero trustLesson 8Gateway ECU function and secure gateway design patterns: routing, protocol translation, firewalling, isolationThis part details gateway ECU tasks, including routing, protocol shift, and traffic sorting. It introduces safe gateway patterns for separation, intrusion spotting aid, and managed diagnostic entry in Namibian vehicles.
Routing between CAN, LIN, and Ethernet segmentsProtocol translation and message normalizationFirewall rules and policy enforcement pointsNetwork segmentation and isolation strategiesSecure diagnostics and authenticated access
