Security Innovation Addressing the Need for Automotive Security Training

June 13, 2016 –  In their continued commitment to automotive security, Security Innovation just released three new computer-based training courses for automotive developers: Fundamentals of Secure Embedded Software Development, Creating Secure OTA (Over the Air) Automotive System Updates, and How to Create an Automotive Systems Threat Model.

Modern cars have become complex digital devices. For example, The Mercedes S-Class contains over 100 million lines of code and up to 100 ECUs. This adds up to a large attack surface with lots of room for vulnerabilities. Because of this, automotive developers need to be properly trained on how to write secure code for these very powerful, yet very vulnerable machines.

That is where the new Security Innovation courses come in.

“Cyber security is a new priority for automakers and their suppliers, says Pete Samson, VP and General Manager of Security Innovation’s embedded division. “As a result, most of the automotive software developers have received little to no training in key cybersecurity topics, including threat modeling and writing secure code. Security Innovation’s new Automotive Developer Curriculum satisfies this need by giving them a solid cyber security foundation on which to design and build more secure vehicles.”

Fundamentals of Secure Embedded Software Development, will teach participants security issues inherent to embedded device architecture. You will also learn about techniques to identify system security and performance requirements, develop appropriate security architecture, select the correct mitigations, and develop policies that can ensure the secure operation of your system.

In Creating Secure OTA (Over the Air) Automotive System Updates, participants will learn about the secure design considerations for over-the-air (OTA) updates for automotive systems. After completing the course, you will be able to identify the benefits and risks of OTA automotive system updates, understand the importance of public key cryptography to the security of these updates, and identify secure design considerations for development, delivery, and installation of OTA automotive system updates.

How to Create an Automotive Systems Threat Model, will teach participants how to integrate threat modeling into your secure automotive software development lifecycle. The course provides step-by-step instructions for performing threat modeling, and its recommendations are aligned with the NHTSA’s proposed “Characterization of Potential Security Threats in Modern Automobiles”.

About Security Innovation

Since 2002, Security Innovation has been the trusted partner for cybersecurity risk analysis and mitigation for the world’s leading companies, including Microsoft, Sony, GM, Disney and Dell. Recognized as a Leader in the Gartner Magic Quadrant for Security Awareness Computer-Based Training for the second year in a row, Security Innovation is dedicated to securing and protecting sensitive data in the most challenging environments - automobiles, desktops, web applications, mobile devices and in the cloud. Security Innovation is privately held and headquartered in Wilmington, MA USA.