Learn how to secure AI as well as to use AI to improve automotive cybersecurity in the framework of ISO 21434.
The course gives an overview of cybersecurity elements, with an emphasis on its applications in the modern automotive industry, as well as the role of AI in cybersecurity. The course first introduces cybercrime, its dangers and motivations, as well as the effects it may have on next-generation vehicles. All the important notions are systematically laid out, such as threats, vulnerabilities, impact, the CIA triad, security measures, and security management frameworks. The course gives an overview of present-day cybersecurity standards, whereas the emphasis is given to ISO/SAE 21434 used in the automotive industry, contrasting it with other important standards such as ISO 27001 / TISAX, IEC 62434, ISO 15408, ISO 26262, and ISO/PAS 21448. Cybersecurity processes and procedures are covered in additional detail, with a modernized focus on hands-on work featuring a dual AI approach: utilizing Generative AI to accelerate standard security processes and understanding how to secure AI-augmented tech in vehicles. Practical exercises include: AI-assisted Threat Analysis and Risk Assessment (TARA), Security Requirements, Threat Modelling, Secure Architecture with AI-based measures, Security Testing, Assessment, and Review.
Course Topics:
- Cybersecurity in automotive with the concepts of vulnerabilities and cyber attacks / exploits, motivation for attack and possible damages, holistic security architecture, confidentiality – Integrity – Availability (CIA) triad, and understanding data.
- Cybersecurity process in the automotive system design lifecycle with the Security management frameworks – overview.
- Regulatory compliance with ISO/SAE 21434 and its relations with ISO 27001 / TISAX, ISO 26262 and ISO/PAS 21448 (SOTIF).
- Understanding risk, vulnerability and impact, risk assessment methods with AI-assisted exercises, and handling risk and iteratively closing out threats / risk analysis process.
- Security requirement elicitation using GenAI, decomposition, and risk allocation based on TARA.
- Secure architecture principles with exercises, secure communication with encryption concepts, over-the-air updates, AI-based security measures, and the fundamentals of securing AI-augmented vehicle technologies.
- Performing a systematic threat modelling, and STRIDE model for countermeasures definition. Security review, security case, and penetration testing.
Requirements
Software: Chrome browser, and access to Generative AI tools (e.g., ChatGPT, Claude) for practical exercises.
Hardware: Computer with an Internet connection, working speakers, and microphone.
Prior knowledge: Students should have a basic engineering background, and preferably a software background and knowledge of at least one programming language.
