Academic year/semester: 2025/26/1

ECTS Credits: 4

Available for: Only for the faculty’s students

Lecture hours: 10
Seminarium:-
Practice: -
Laboratory: 5
Consultation: -

Prerequisites: -

Course Leader: Anna BÁNÁTI-BAUMANN PhD

Faculty: John von Neumann Faculty of Informatics, 1034 Budapest, Bécsi út 96/b

Course Description:
Introduction to automotive cybersecurity and its management. Introduction to automotive networks and their security, basics of penetration testing. Application of cryptography within vehicles. Security of low-level languages (C, C++), secure coding. Security of operating systems and firmware. Introduction to hardware-level security, analysis of programmable circuit boards (PCB), reverse engineering, case studies.

Competences:
The goal of this course is to introduce students to the basics of cybersecurity within the automotive industry. Students will get an overview about cybersecurity management, ethical hacking, system, software, and hardware security – using practical examples and case-studies from the automotive industry.

Topics:
Lecture schedule
Education week
Topic
1. Introduction to automotive cybersecurity, case studies.
2. Cybersecurity management. Threat analysis and risk assessment. Post development cybersecurity tasks.
3. Introduction to ethical hacking, regulations, approaches. Port scanning, fuzzing, other information gathering techniques. Understanding vulnerabilities, vulnerability scanning.
4. Ethical hacking tools. Installation and configuration of Kali Linux. Useful tools in Kali Linux, Metasploit Framework.
5. Security of automotive networks I. Internal communication protocols (Ethernet, CAN, LIN, FlexRay), weaknesses and security measures.
6. Security of automotive networks II. Wireless technologies (V2X, 5G, GPS, Wi-Fi, Bluetooth), attack surfaces.
7. Applied cryptography. Cryptographic primitives, in-vehicle use cases. Restrictions and limitations of the environment. Security trade-offs.
8. Security of low-level programming languages, C and C++. Memory layout and architecture. Understanding the basics of buffer overflow, control flow hijacking, remote code execution. Security measures, secure coding.
9. OS & firmware security. Malware, ransomware, spyware. Protecting access with HSM. Malicious flashing and flashware tampering.
10. Hardware security I. Analysing a PCB (UART, SPI, I2C, JTAG).
11. Hardware security II. Structure of a firmware. Encryption, decryption, hardcoded secrets.
12. Hardware security III. Reverse engineering, understanding a binary.
13. Midterm
14. Midterm (re-take)

Assessment: Mid-term requirements Conditions for obtaining a mid-term grade/signature Participation at the lessons is mandatory. Signature cannot be assigned to students who missed more than 30% of lessons. Multiple choice theoretical test, in a written form. A successful test is mandatory to acquire grade Assessment schedule Education week Topic 13. Theoretical test (first re-take) 14. Theoretical test (second re-take) Method used to calculate the mid-term grade (to be filled out only for subjects with mid-term grades) Multiple choice theoretical test, in a written form Type of the replacement Type of the replacement of written test/mid-term grade/signature First retake of the midterm on the last week. Replacement of the mid-term mark: once in the first 10 working days of the examination period. (only if the student attempted the midterm or the first retake but failed).

Exam Types:

Written Exam

Compulsory bibliography: Class materials published in Moodle.

Recommended bibliography: -

Additional bibliography: The slides and material used in the lecture will be available on the course website at https://elearning.uni-obuda.hu/ after the lecture.

Additional Information: -