Workshops - escar Europe 2023

In order to guarantee a good workshop atmosphere and for you to be able to gain new insights or deepen your knowledge successfully the number of participants is limited to 35 in each workshop.

Workshops

Workshop Fee
On site: EUR 299,00 (plus VAT 19%)

Please note: the workshops are not included in the conference fee.

Workshop 1: What's all the fuzzing about? Introduction to tool-based automotive fuzz testing (Marcos Cardoso, Thomas Irmscher)

Outline of the workshop:

  1. Introduction to fuzzing technology
    • Protocol vs. Source-code fuzzing
    • How fuzzing improves the cybersecurity of automotive products
  2. Relevance of fuzzing in context of ISO/SAE 21434 and UN R 155
    • Which validation requirements can be covered with security fuzzing?
    • Current challenges in automotive industry
  3. ESCRYPT CycurFUZZ
    • Live demo and hands-on with a security fuzzer
    • Interpretation and analyses of test results
    • Final conclusions

Workshop 2: Automotive Security Fundamentals (Prof. Dr.-Ing. Reiner Kriesten)

Cyber Security is an essential part in the development of Cyber Physical Systems like vehicles. With its dozens of computers inside the vehicle and its multiple interfaces to the outside world, e.g. for Software-Over-The-Air-updates or for entertainment services, the overall system is highly distributed and subject to numerous attack vectors from outside the car and with physical presence (latter e.g. for theft and tuning purposes or with different access possibilities in car sharing situations). To prevent the attacks, e.g. ISO 21434 demands the existence of a holistic security concept.

Applied cryptography serves as base of most practical solutions and requires knowledge of cryptographic primitives, protocols, cryptographic hardware, key management and specific automotive constraints.

This workshop on Automotive Cyber Security provides the necessary background on the fundamentals of IT-Security from a practical and theoretical perspective, also focusing on topics relevant for the automotive domain. Please note that the workshop is for novices in Cyber Security resp. automotive security, e.g. for automotive SW/ system engineers with only few security expertise. This workshop will also include easy, hands-on exercises to underline the understanding of the context (no computer is required)

Outline of the workshop:

  1. Introduction to automotive security
  2. Basics in Cryptography
    • Terms and basic principles (e.g. Kerckhoffs principle and existence in automotive domain, cryptography and cryptoanalytics techniques, diffusion and confusion…)
    • The communication model for cryptography
    • Security goals, symmetric and public-key encryption, algorithms, first effort estimation and speed-up examples
  3. Overview of vehicle security artefacts
    • Vehicle's E/E-architectures – an overview
    • Overview of vehicle security features and the necessity of a holistic security concept
    • Example feature “Firewall” – a deeper look in concepts and tasks
  4. Basics of protocol security
    • Why protocol security: automotive attack examples
    • Basics of Protocol Security: Signatures, Hashes, Certificates, Message Authentication Codes, Key Management
    • Protocol Security – concepts for the automotive domain, e.g. security artefacts for automotive busses like CAN or Ethernet, key management analysis, ...