Lesson 1Logical architecture mapping: methods to document network zones, trust boundaries, data flows between ECUs, gateway, telematics, and cloudThis part shows ways to record logical setups, including network areas, trust edges, and data movements between ECUs, gateways, telematics units, and cloud services, aiding orderly threat sketching and safeguards.
Spotting assets and chat pointsSetting network zones and security levelsRecording trust edges and suppositionsSketching ECU, gateway, and cloud data streamsUsing drawings to aid threat sketchingLesson 2Automotive Ethernet fundamentals: PHY, switched topology, VLANs, TSN basics relevant to vehiclesThis part deals with Automotive Ethernet basics, including PHY choices, wiring, and switched layouts. It covers VLAN splitting, QoS, and TSN features that back steady, safety-linked traffic in modern vehicle networks.
Automotive Ethernet PHYs and wiring choicesSwitched layouts and backup patternsVLAN splitting and traffic partingQuality of Service and priority setupsTSN ideas for steady in-vehicle trafficLesson 3CAN bus fundamentals: signal framing, message IDs, arbitration, ECU rolesThis part brings in CAN bus ideas, including frame build, IDs, and sorting. It covers ECU jobs on the bus, usual signal patterns, and timing ways, readying learners to check and secure CAN traffic.
CAN frame build and bit-level signalsStandard vs extended IDs and ID planningSorting, bus load, and priority handlingECU send, receive, and diagnostic jobsError handling, fault locking, and bus-offLesson 4ECU types and responsibilities: powertrain, gateway, infotainment, telematics, domain controllersThis part sorts ECU types and their duties, including powertrain, body, infotainment, telematics, and domain or zone controllers, and covers how their jobs shape security priorities and network spots.
Powertrain and chassis control ECUsBody, comfort, and ADAS control unitsInfotainment head units and media unitsTelematics control units and link ECUsDomain and zone controllers in new E/E plansLesson 5External interfaces mapping: cellular modem, Wi‑Fi, Bluetooth, OBD‑II — protocols, typical vulnerabilities, typical access modelsThis part maps key outside links like cellular, Wi‑Fi, Bluetooth, and OBD‑II. It checks protocols, common weak spots, and access ways, showing how attackers shift from outside faces into in-vehicle networks.
Cellular modem stacks and remote access pathsWi‑Fi client, hotspot, and setup modelsBluetooth profiles and pairing weak spotsOBD‑II physical access and diagnostic protocolsCommon wrong setups and abuse casesLesson 6Data classification and sensitive assets: safety-critical messages, cryptographic keys, firmware images, personal data on infotainment/telematicsThis part brings in data sorting for automotive systems, focusing on safety-vital signals, crypto keys, firmware pics, and personal data, and covers how sorting guides protection and holding controls.
Spotting safety-vital control messagesHandling crypto keys and key stuffGuarding firmware pics and update filesDealing with personal and telemetry data in vehiclesHolding, deleting, and forensic needsLesson 7Cloud backend components and interfaces: backend update server, device registry, authentication, telemetry ingestion, API gatewaysThis part covers cloud backend parts that link with vehicles, including update servers, device lists, auth services, telemetry taking in, and API gateways, stressing trust, identity, and secure data swap.
Backend update servers and campaign controlDevice identity, list, and life statesAuthentication, tokens, and cert handlingTelemetry taking in, storage, and analytics flowsAPI gateways, rate limiting, and zero trustLesson 8Gateway ECU function and secure gateway design patterns: routing, protocol translation, firewalling, isolationThis part details gateway ECU jobs, including routing, protocol shifting, and traffic sifting. It brings in secure gateway design patterns for parting, intrusion spotting aid, and controlled diagnostic access.
Routing between CAN, LIN, and Ethernet partsProtocol shifting and message normalisingFirewall rules and policy force pointsNetwork splitting and parting strategiesSecure diagnostics and auth access
