image image

Dr. Nils Weiss & Enrico

Automotive Security Testing and Automation calender

Trainer: Dr. Nils Weiss & Enrico

Date: 30th Oct to 01st Nov 2023

Time: 9:00am to 5:00pm CEST

Venue: Marriott Hotel, The Hague, Netherlands

Training Level: Intermediate ;Advanced

Please note: the training ticket does not include access to the conference. Similarly, the conference ticket does not grant access to the trainings. If you have any questions, reach out to us.

Training Objectives:

The significance of Automotive Security has been rapidly increasing, however, gaining entry into this research domain remains a challenging feat.

In this instructional program, we aim to impart fundamental knowledge on automotive protocols and systems that are required to understand all details and specialties of Electronic Control Units (ECUs). We provide physical ECUs for the purpose of hardware reverse engineering and elucidation. Moreover, we offer a virtualized environment that helps to overcome the typical difficulties encountered during practical work on hardware systems. In the automotive industry, each Original Equipment Manufacturer (OEM) follows a distinctive design philosophy. Hence, we introduce relevant tools and background information, necessary for the exploitation of actual cars and ECUs. Lastly, we exhibit automation strategies for the assessment of automotive network security and system security.

What to Expect? | Key Learning Objectives:

  • How to identify attack surfaces on ECUs
  • Introduction to Hardware Reverse Engineering of ECUs
  • Understand low level CAN and CANFD communication and attacks
  • Obtain an overview on common vehicle architectures and network topologies
  • Know the most relevant protocols in vehicles
  • Receive hands-on experience in automotive network scans
  • Get an overview on toolchains of OEMs and their software update mechanisms
  • Know basics about current immobilizer systems
  • Deep-dive into automation strategies of automotive penetration tests

Training Detailed Description:


Day 1:

Time Topic Description
09:00 - 09:15 Intro
09:15 - 09:45 Vehicle Networks
09:45 - 11:00 CAN (FD) | Basics, Attacks
11:00 - 12:00 CAN Exercise | Attacking CAN (Torcs)
12:00 - 13:00 Lunch break
13:00 - 14:00 Hardware Reverse Engineering
14:00 - 15:30 Hardware Exercises | Reversing HW and attach CAN, talk to ECU
15:30 - 16:00 ISOTP
16:00 - 17:00 ISOTP Scanning

Day 2:

Time Topic Description
09:00 - 10:00 DoIP / HSFZ
10:00 - 12:00 UDS / GMLAN
12:00 - 13:00 Lunch break
13:00 - 15:00 UDS Exercise | Scanning
15:00 - 16:00 OEM Specifics
16:00 - 17:15 Free Hacking | Break SA, Flash ECUs, Exploitation

Day 3:

Time Topic Description
09:00 - 10:00 Firmware Extraction
10:00 - 12:00 Firmware Reverse-Engineering
12:00 - 13:00 Lunch Break
13:00 - 14:30 Exploitation (Security Access)
14:30 - 17:00 Exploitation (Remote Code Execution)

Who Should Attend? | Target Audience:

Researchers and Engineers either with a Background in Security or in Automotive.

What to Bring? | Software and Hardware Requirements:

  • Laptop with WiFi or Ethernet and Admin / root privileges
  • (Arch) Linux is the preferred OS
  • SSH client - Installation of latest Ghidra version
  • Installation of Wireshark and Python3

What to Bring? | Prerequisite Knowledge and Skills:

  • Basic knowledge of programming (C, Python)
  • Basic knowledge of Linux
  • Basic knowledge of embedded systems is a plus, but not required
  • Basic knowledge of firmware reversing with Ghidra is a plus, but not required
  • Basic knowledge of Wireshark or Scapy is a plus, but not required

Resources Provided at the Training | Deliverables:

Students will be provided with real world ECUs, a Virtual Machine and access to our comprehensive online book for automotive security topics


Dr. Nils Weis, researcher in Automotive Security with over 7 years of experience, currently spearheading dissecto GmbH, a spin-off from the Laboratory for Safe and Secure Systems ( at the University of Applied Sciences in Regensburg.

Dr. Weiss’s passion for Automotive Security was ignited during his internship at the industry giant, Tesla Motors, which eventually led him to embark on a journey toward revolutionizing the field of automotive security research. During his bachelor’s and master’s programs, he delved into the world of penetration testing and explored the vulnerabilities in entire vehicles.

In addition to his contributions towards penetration testing of automotive systems, Dr. Weiss has also been actively involved in developing open-source penetration testing frameworks for automotive systems such as the revolutionary Scapy.

Enrico has worked as an automotive penetration tester since 2016. Together with Nils Weiss, he built the automotive security research lab at the OTH Regensburg and worked with several automotive manufacturers and insurance companies to find vulnerabilities and build exploit demonstrations.