Lectures:
1. Introduction to cybersecurity: explanation of the basic terms, examples of historical attacks, attack vectors.
2. Penetration testing and the testing paradigm: what, how and when to test. Testing techniques and frameworks.
3. Internet web services: securing the application interface and managing access to web services.
4. Networks of internet robots (botnets) and cyber attacks such as denial of service (DoS, DDoS).
5. Network services and home networks: surveillance systems, network security, logging of network activities.
6. Connecting mobile devices and communication between cars: communication protocols, attacks such as "Man in the middle".
7. Management of content and securing of data: anonymization of data, secure storage of data, encryption of data, basic principles of GDPR and their application in the automotive domain.
8. The cybersecurity lifecycle - Overview of the lifecycle with reference to e.g. SAE J3061™
9. The cybersecurity lifecycle - Management of cybersecurity
10. The cybersecurity lifecycle - Threat modelling
11. The cybersecurity lifecycle - Threat analysis and risk assessment
12. The cybersecurity lifecycle - Specification of security requirements and countermeasures
13. The cybersecurity lifecycle - Validation of cybersecurity
14. Summary and conclusion.
Practices:
1. Preparation of the working environment: image of the operating system that will be used for the simulation of the attacks.
2. Introduction to penetration testing I: overview of tools, basic examples of attacks.
3. Introduction to penetration testing II: example of a complex attack.
4. Internet web services: securing the application interface and managing access to web services.
5. Networks of internet robots (botnets) and cyber attacks such as denial of service (DoS, DDoS): practical experiment on the CAN bus.
6. Network services and home networks: surveillance systems, network security, logging of network activities. Analysis of logs and looking for non-standard behavior.
7. Management of content and securing of data: anonymization of data, secure storage of data, encryption of data.
8. The cybersecurity lifecycle - Overview of the lifecycle with reference to e.g. SAE J3061™ - definition of the development project cybersecurity lifecycle.
9. The cybersecurity lifecycle - Management of cybersecurity - planning and management of cybersecurity.
10. The cybersecurity lifecycle - Threat modelling
11. The cybersecurity lifecycle - Threat analysis and risk assessment
12. The cybersecurity lifecycle - Specification of security requirements and countermeasures
13. The cybersecurity lifecycle - Validation of cybersecurity
14. Summary and conclusion.