Training Automotive Security Testing

If you don't actively attack risks, they will actively attack you. Security is never comprehensive but can be vastly improved with risk-oriented testing. This implies an optimized mix of test strategies and suitable tools. Risk-oriented security with dedicated test methods and appropriate tools is the call of the day. Security test must start with static code analysis, proceed with unit test and further advance with dedicated methods such as fuzzing and robustness tests up to the level of penetration testing (Pen-Test). This workshop will briefly introduce to risk-oriented security engineering and then dive into appropriate test methods and tools.

Like all verification and validation methods, cybersecurity testing needs experience to select the best methods, determine test end criteria and a lean yet effective regression strategy capable for continuous integration and deliveries. Often we see companies that test components and their interfaces, while overlooking security threats in networking and services. For that matter we have enriched the training with hands-on experiences from our security consulting projects. Participants are invited to actively engage with their questions.

Additional bonus: Attendees receive our current white papers on cybersecurity as PDF.

Customer Reference

"Outstanding level of expertise in cybersecurity."

- Michael Prantke, Panasonic

Workshop Agenda

Motivation: connectivity and cyberattacks, , terminology and standards

Need for automotive cybersecurity, common attacks and vulnerabilities
Overview and terminologies used in ISO 21434 - road vehicles cybersecurity standard

Risk-oriented cybersecurity engineering

System engineering principles for security testing
Threat analysis and risk assessment method: Security analysis technique as per ISO 21434

Security testing methods

Secure coding, code quality analysis
Fuzz testing techniques: Signal fuzz testing and frame fuzz testing
Penetration testing methodology: 10-step grey-box penetration test with case study

Security testing in practice

Software, hardware tools and test setup for security testing
Prerequisites for fuzzing and penetration testing
Demo: Live fuzzing on ECU Simulator

Discussion and resources

Price

700 € plus VAT (1 day)

Admission price includes full documentation on paper and as PDF and also our Technical Articles on "Automotive Embedded Engineering" (PDF) with lots of best practices, project experiences and state of the art technology. Naturally, all participants benefit from our rich coffee breaks and a quality lunch in our spectacular Vector restaurant. Each participant will receive a qualifying Vector certificate for this intensive training.

Get a discount (can be combined):

10% if you register 3-5 employees of your company,
20% for 6-10 employees
10% if you book at least 60 days in advance
You can save up to 30%, as these discounts can be combined!

Full-time students receive a (non-combinable) discount of 70% (on presentation of a valid student card).

Payment method:

Invoice

Register now

Fields marked with an asterisk (*) are required.

Available Dates: *

Fully booked! - 12 November 2021 (EN) - ONLINE

2022 schedule will be online soon!

We always choose the most favourable discount solution for you!

Billing Address

I pay myself / This is my private address.

Title*

Acad. Title

First Name*

Last Name*

E-Mail*

Phone*

Company*

Address*

Country*

Postal Code*

City*

Comments

Full-time study certificate

Please upload your full-time study certificate, if you are a student. Allowed formats: .pdf, .jpg, .zip - up to a size of max. 20 MB

General remarks *

I have read and accept the privacy policy and the terms and conditions that apply to all training classes conducted by Vector Consulting Services.

view terms & conditions for training

see the privacy policy

VCS Newsletter

I would like to receive the latest industry trends and benchmarks (max. 6 times/year)

不要填写本栏！

Discussion Groups

Topics include:

Cost versus benefit: How to optimize security testing along the life-cycle
Making penetration test effective: From black box to grey box
Which tools and methods for which purpose
Future Outlook, Discussion and Conclusion

Inhouse Formats

Do you want to adapt this training to your own examples and challenges? Looking for a workout that delivers practical exercises adjusted to your environment? Then, we suggest that you have this training conducted in-house, where you can decide on focus, speed and the training schedule. We also offer dedicated crash courses for employees and management.

Language: German or English.

On request, we offer our inhouse trainings in Chinese, French, Korean and Turkish.

Target Audience

Engineers in product development, system and software engineers, security and safety engineers and managers, architects, engineering managers, project managers, purchasing, quality managers.

About our Trainers

Ruschil Ray is an associate consultant at Vector Consulting Services. She has completed her Bachelor’s in Electronics and Communication engineering and has a master’s degree in Information Technology with the specialization in Embedded Systems from University of Stuttgart. She did her master thesis in the automotive cybersecurity domain with a focus on grey-box penetration test strategy. Ruschil supports companies worldwide to improve their security processes and security testing strategies.

Prof. Dr. Christof Ebert is Managing Director of Vector Consulting Services GmbH. He supports companies worldwide in improving their product development and product strategy as well as in change management. He sits on various supervisory boards, is a professor at the University of Stuttgart and the Sorbonne in Paris, and the author of several renowned books. Twitter: @ChristofEbert.