Lesson 1Logical architecture mapping: methods to document network zones, trust boundaries, data flows between ECUs, gateway, telematics, and cloudThis section outlines methods for documenting logical architectures, including network zones, trust boundaries, and data flows between ECUs, gateways, telematics units, and cloud services, to support systematic threat modelling and controls.
Identifying assets and communication endpointsDefining network zones and security levelsDocumenting trust boundaries and assumptionsModelling ECU, gateway, and cloud data flowsUsing diagrams to support threat modellingLesson 2Automotive Ethernet fundamentals: PHY, switched topology, VLANs, TSN basics relevant to vehiclesThis section explores Automotive Ethernet basics, including PHY options, cabling, and switched topologies. It covers VLAN segmentation, QoS, and TSN features that enable deterministic, safety-relevant traffic in modern vehicle networks.
Automotive Ethernet PHYs and cabling optionsSwitched topologies and redundancy patternsVLAN segmentation and traffic separationQuality of Service and priority mechanismsTSN concepts for deterministic in-vehicle trafficLesson 3CAN bus fundamentals: signal framing, message IDs, arbitration, ECU rolesThis section introduces CAN bus concepts, including frame structure, identifiers, and arbitration. It explains ECU roles on the bus, typical signalling patterns, and timing behaviour, preparing learners to analyse and secure CAN traffic.
CAN frame structure and bit-level signallingStandard vs extended identifiers and ID designArbitration, bus load, and priority handlingECU transmit, receive, and diagnostic rolesError handling, fault confinement, and bus-offLesson 4ECU types and responsibilities: powertrain, gateway, infotainment, telematics, domain controllersThis section classifies ECU types and their responsibilities, including powertrain, body, infotainment, telematics, and domain or zone controllers, and explains how their roles influence security priorities and network placement.
Powertrain and chassis control ECUsBody, comfort, and ADAS control modulesInfotainment head units and media modulesTelematics control units and connectivity ECUsDomain and zone controllers in new E/E designsLesson 5External interfaces mapping: cellular modem, Wi-Fi, Bluetooth, OBD-II — protocols, typical vulnerabilities, typical access modelsThis section maps key external interfaces such as cellular, Wi-Fi, Bluetooth, and OBD-II. It reviews protocols, common vulnerabilities, and access models, highlighting how attackers pivot from external surfaces into in-vehicle networks.
Cellular modem stacks and remote access pathsWi-Fi client, hotspot, and provisioning modelsBluetooth profiles and pairing weaknessesOBD-II physical access and diagnostic protocolsCommon misconfigurations and abuse scenariosLesson 6Data classification and sensitive assets: safety-critical messages, cryptographic keys, firmware images, personal data on infotainment/telematicsThis section introduces data classification for automotive systems, focusing on safety-critical signals, cryptographic keys, firmware images, and personal data, and explains how classification guides protection and retention controls.
Identifying safety-critical control messagesManaging cryptographic keys and key materialProtecting firmware images and update filesHandling personal and telemetry data in vehiclesRetention, deletion, and forensic requirementsLesson 7Cloud backend components and interfaces: backend update server, device registry, authentication, telemetry ingestion, API gatewaysThis section explains cloud backend components that interact with vehicles, including update servers, device registries, authentication services, telemetry ingestion, and API gateways, emphasising trust, identity, and secure data exchange.
Backend update servers and campaign controlDevice identity, registry, and lifecycle statesAuthentication, tokens, and certificate handlingTelemetry ingestion, storage, and analytics flowsAPI gateways, rate limiting, and zero trustLesson 8Gateway ECU function and secure gateway design patterns: routing, protocol translation, firewalling, isolationThis section details gateway ECU functions, including routing, protocol translation, and traffic filtering. It introduces secure gateway design patterns for isolation, intrusion detection support, and controlled diagnostic access.
Routing between CAN, LIN, and Ethernet segmentsProtocol translation and message normalisationFirewall rules and policy enforcement pointsNetwork segmentation and isolation strategiesSecure diagnostics and authenticated access
