Cybersecurity: An Introduction for the Automotive Sector C1619

The automotive industry is the new "battleground" for cybersecurity. Following the path of desktops/laptops, tablets, and mobile phones, the automotive industry is now the "hot" area for both academic researchers and hackers. This will transform the automotive industry just as it transformed traditional information technology and the mobile markets. The change is inescapable, but it can be beneficial, and a well-prepared company can find significant benefit in being a market leader.

What does cybersecurity mean? Who is attacking and why? What must we change? What can stay the same? What is the larger organization's role in cyber? What will the government likely do and how will it affect us? Are there measurements - what does "secure" look like? These questions and more will be answered by this seminar.

We live in an age when cyber-related recalls will happen, when remote, over-the-air updates will become routine, and in which our cars have more lines of code than a small office. This seminar introduces critical cybersecurity concepts and puts them in an automotive context. It cuts through to the "so what" basics that enable understanding and provides ideas to implement in your company. Interaction and discussion are important, so after each lecture block there is a discussion period and a written work product.

Learning Objectives
By attending this seminar you will be able to:
  • Describe key concepts in automotive cybersecurity such as the InfoSec Triad; Threat, Vulnerability, and Risk; Defense in Depth, etc.
  • Understand the importance of organizational roles and support, and how doing this can make cybersecurity an operational value proposition and not just a costly afterthought
  • Understand and recognize good software and embedded security practices
  • Understand why "hackers" are focusing on the automotive industry, and how they tend to think and operate.

Who Should Attend
This seminar is intended for anyone not familiar with automotive cybersecurity. The material covered is introductory and appropriate for both engineering staff and management looking to learn about the cybersecurity issues that affect all aspects of the automotive industry.

Prerequisites
None. However, an engineering background will be helpful.

  • Introduction
    • Definitions
    • Vulnerability
    • Threat
    • Risk
    • TARA (Threat Assessment and Remediation Analysis)
    • Architecture
    • Attack classes
    • State of the Standards (SAE, NIST, ISO)

  • InfoSec Triad - "Plus"
    • Confidentiality
    • Integrity
    • Availability
    • Non-repudiation
    • Apply to automotive
    • Discuss critical design features (e.g. availability vs integrity)

  • Exercise
    • Short question and answer with problem assignment

  • InfoSec Governance
    • Standards
    • Roles and responsibilities
    • Ongoing monitoring
    • Oversight
    • Value

  • Secure Software Development
    • Scope/scale of problem
    • Proper design of software quality assurance/testing
    • Continuous integration
    • Evaluation of 3rd party code
    • Techniques (e.g. overflows, data protection, etc.)
    • Cryptography

  • The Adversary - Hackers
    • Changing demographics, motivation, and identity
    • Work process (e.g. flash dumping, dynamic analysis, etc.)
    • Case study

  • Exercise
    • Short question and answer with problem assignment

  • Embedded Security
    • How embedded security differs from “traditional” security - pros and cons
    • Embedded hardware lock-down
    • Key software development for embedded systems

  • Diverse Topics
    • Overview of some hardware and software cybersecurity techniques and products
    • Resiliency
    • Supply chain cybersecurity
    • Understanding built-in vs bolt-on argument and how to evaluate efficacy
    • Defense in depth
    • Stepping through an exemplar layered system

  • Final Exercise
    • Question and answer with guided exercise

Robert Dekelbaum

Robert Dekelbaum ("Deker") is a founding partner of AutoImmune, Inc. AutoImmune was founded to exclusively address the cybersecurity challenge in the automotive space. Deker was formerly the operations officer for Battelle's automotive cybersecurity organization, the Center for Advanced Vehicle Environments. He has been a mobile security engineer, security Q/A test engineer, and cybersecurity trainer and lab manager for many projects for the US Department of Defense from 2002 to 2012; prior to that he ran security programs for large ISPs.

