This module covers the basics of cryptography, including its history and evolution, classical ciphers like the Caesar Cipher, and fundamental cryptographic concepts such as encryption, decryption, and ciphertext. You will also learn about key principles like Kerckhoffs’ Principle, the One-Time Pad as an unbreakable cipher, and an overview of symmetric and asymmetric cryptography, hash functions, and key exchange methods.

This module builds on foundational cryptography concepts and focuses on symmetric cryptography. You will learn about symmetric encryption and decryption processes, including the workings of stream ciphers and block ciphers. The course explains the critical role of random numbers in key generation and encryption. Additionally, it covers Message Authentication Codes (MACs), which ensure message authenticity and integrity. The module also discusses common block cipher modes like ECB and CBC, along with their strengths and weaknesses.

In this module, you will learn the fundamentals of asymmetric (public-key) cryptography, including how key pairs are used for secure communication. The course also explains the hybrid approach that combines symmetric and asymmetric methods for enhanced security. Additionally, you will explore hash functions, their key properties, and their role in verifying data integrity. Finally, the module covers digital signatures, detailing how they are created and verified to ensure authenticity, integrity, and non-repudiation of messages.

This module introduces Public Key Infrastructure (PKI) and its key components, such as Certificate Authorities (CAs), Registration Authorities (RAs), and digital certificates. You will learn how PKI establishes trust through a hierarchical chain of digital certificates and explore the differences between X.509 and Card Verifiable (CV) certificates. The course also covers various digital certificate formats, their advantages, and challenges involved in managing certificates.

This module explores Hardware Trust Anchors (HTAs) and their critical role in automotive security. You will learn about key secure hardware components including Secure Hardware Extensions (SHE), Hardware Security Modules (HSM), and Trusted Platform Modules (TPM). The course covers their security features, physical protections against tampering, supported cryptographic functions, and typical automotive use cases such as secure boot, communication, and key management.

This module explains the concept of Secure Boot and its importance in ensuring the authenticity and integrity of software before execution. You will learn about different secure boot mechanisms, including authenticated boot and protected boot, along with various execution schemes such as sequential, concurrent, and parallel boot. The course covers key components like the hardware root of trust, cryptographic keys, digital signatures, and verification methods, highlighting best practices and key considerations for implementing secure boot in embedded systems.

This module covers the critical aspects of securely updating software in modern vehicles. You will learn about the differences between firmware and software updates, update delivery methods including Over-The-Air (OTA), and the challenges posed by complex automotive systems. The course emphasizes the importance of security principles such as authenticity, integrity, confidentiality, and availability in the update process. Key mechanisms like digital signatures, encryption, secure boot, and hardware security modules (HSMs) are explained, along with best practices for designing and managing secure software update pipelines in automotive environments.

This module establishes the foundation of secure coding practices critical to automotive software development. It covers fundamental C programming concepts related to memory and data types, and delves into common software vulnerabilities such as Integer Overflows and Buffer Overflows. You will learn to identify these weaknesses, understand their potential security impact, and apply basic mitigation strategies to help protect automotive systems against exploitation.

Building on foundational secure coding principles, this module focuses on Command Injection vulnerabilities and their exploitation. You will learn effective mitigation techniques and gain insight into integrating secure coding practices throughout the software development lifecycle (SDLC). The course introduces important industry standards, guidelines, tools, and communities that support secure software development. By the end, you will understand how to apply advanced defences and best practices to build more resilient automotive software.

This module introduces the fundamentals of Threat Analysis and Risk Assessment (TARA) as defined in the ISO/SAE 21434 standard for automotive cybersecurity. You will learn the process of identifying potential threats, assessing risks, and prioritizing security measures to protect automotive systems. The course covers key concepts such as attack vectors, impact evaluation, likelihood estimation, and risk classification, providing a structured approach to managing cybersecurity risks in vehicle development and operation.