Day 1

Understanding security mechanisms first requires understanding development on the devices. During the first day, students are introduced to the devices, as well as the provided development environments. They will work through several challenges, with the objective of building a simple flash read-out program that will be used in later steps.

​

Day 2

A deep dive into various security mechanisms on these devices is presented. This includes the development of security features on various devices including SPC/MPC55xx, SPC/MPC56xx, and SPC/MPC57xx. In the afternoon, fault injection as an attack vector is introduced, and students perform simple fault injection experiments on lab code.

​

Day 3

Analysis of critical security code used on these devices is presented. Students work to read critical boot code from the device and test vulnerabilities in the code. Countermeasures are discussed and applied (where possible). Simple bypasses of security code are demonstrated in laboratory environments. Electromagnetic fault injection is introduced, and students use a ChipSHOUTER EMFI tool on their evaluation board.

​

Day 4

Students select a physical ECU to analyze. The ECUs use one of the devices covered in class and students will learn to apply the various techniques covered in the first three days in this guided session. ECUs cover multiple vehicles and model years.

​

Day 5

Students debrief on the ECU attack exercise. A brief introduction to attacks on cryptographic algorithms, including differential power analysis (DPA) are demonstrated with a hands-on lab recovering a key from an AES-128 software implementation. Future steps are described for students looking to dig deeper into cryptographic attack methods.

​