Automotive Cybersecurity Training (ACT) Program

Open to the Public | Bulk Pricing Available

ACT Program Registration Guide

The ACT Program registration is now located on Auto-ISAC’s new Learning Management System (LMS). An LMS is a web-based application that helps organizations create, manage, deliver, and track learning programs. The Auto-ISAC LMS is mainly used to house and track our ACT Program learner progress and results.

Both the ACT Fundamentals and Advanced Learning Tracks will be located on the LMS.

ACT Program Fundamental courses are delivered online and on-demand. They can be taken anywhere and at any time. Each of the Fundamental courses is listed as $500 USD. There are three from which to choose:

  1. Cybersecurity Basics,

  2. Secure Engineering, and

  3. Secure Operations Management.

More information on the new Advanced courses will be available in 2025.

Fundamentals and Advanced Learning Track Prerequisites

  • No experience. Auto-ISAC recommends taking all seven (7) courses. This encompasses both the Fundamentals Learning Track and the Advanced Learning Track.

  • Intermediate experience. Auto-ISAC recommends completing the Advanced Learning Track to supplement existing knowledge before taking the CAPEX.

  • Experienced Automotive and/or Cybersecurity Engineers / Managers. May take Advanced courses to supplement existing knowledge.

  • The Capability Exam (CAPEX) is free for those who successfully complete:

    • the ACT Fundamentals Learning Track and the ACT Advanced Learning Track, or

    • the Fundamentals Test Out and the ACT Advanced Learning Track.

Steps to access Auto-ISAC’s new Learning Management System (LMS)

  • If you’re accessing the Auto-ISAC LMS for the first time, you need to register via this link prior to entering the system. Complete the required fields, select a unique password, and click the ‘Sign Up’ button.

    Once in the system, click on the ‘Resources’ button found in the bottom middle of the Dashboard and watch the LMS Instructional Video to learn more about the site and what is available to you.

    When you're ready to enroll in a course, visit the Catalog section. Click the ‘Enroll’ button and pay for the course. It’s that simple!

  • Return User

    If you have ever registered for an Auto-ISAC course (even on our business partner’s site), you are already active in our LMS. Visit the site here anytime by entering your Username, which is your email address, and your Password. Simply click the Login button, and you’re in!

    If you have not visited our new LMS before, your password has been changed. Click the ‘Forgot Password?’ link. An email will be sent to you with instructions on how to re-enter the site.

    Your previously completed courses can be viewed in your transcripts. To sign up for new courses, visit our Catalog for a full selection.

  • If your company requires an invoice, or you think your company may be interested in registering more than one (1) employee at a time, please contact ACT@automotiveisac.com before registering as this requires a separate code to enter the LMS.

    30 or more registrants will receive a bulk discount.

    If at any time you experience challenges with our LMS, contact ACT@automotiveisac.com.

ACT PROGRAM FUNDAMENTAL LEARNING TRACK

Method: online / On-demand

Cybersecurity Basics

  • Purpose: This course delivers the fundamental knowledge for the high-level architecture of the cybersecurity solution. The content for each topic can be mapped to either the Auto-ISAC Governance Best Practice Guide or the standards recommended in that guide. Upon completing this course, the student can create a practical, complete, and fully compliant automotive security architecture for the appropriate organizational application.

    Course Description: This course presents the concepts of cybersecurity for individuals or organizations seeking guidance on establishing a comprehensive vehicle cybersecurity effort. It offers best practices and implementation guidance to help individuals or organizations design, build, and institute an effective, organization-wide vehicle cybersecurity function. Topics include terminology, basic principles and paradigms, attacks, threats and vulnerabilities, security of operations, confidentiality, PII, management of risks, security analytics, ISO/SAE 21434, and a short intro to reverse engineering.

    Course Goals and Application: The contents of this course will help the student understand the structure, purpose, and intent of a complete and well-defined array of organizational governance processes for automotive cybersecurity. In that respect, the focus is on operational best practices as specified in commonly recognized, universally standard recommendations for the automobile industry. Learners will learn how to plan, implement, and maintain a comprehensive, strategic governance solution for an automotive ecosystem or build a coordinated set of systematic security behaviors into regular operation.

    It should be noted that the content of this course consists of recommended best practices. Each of these practices aims to establish a particular standard aspect of cybersecurity. These functions are voluntary, non-prescriptive, and aspirational in nature. Organizations may use any part of this knowledge to determine a governance approach that best matches their unique risk landscape.

    Course Objectives: At the end of this course, the learner will be able to itemize basic concepts, technologies, and issues related to general cybersecurity, such as data classification, the CIA triad, security policy, PII and some of its implications, and analysis of attack surfaces; understand paradigms such as least privilege, access controls, and security capabilities of hardware; understand the roles of security products; etc.

    Do you have a technical background and are entering into a cybersecurity position? A recent hire or an intern? If yes, sign up for Cybersecurity Basics.

    Alignments:

    UNECE R155: Uniform provisions concerning the approval of vehicles with regards to cyber security and cyber security management systems.

    UNECE R156: UN Regulation No. 156-Software update and software update management systems.

    ISO/FDIS 24089: The requirements and recommendations apply to vehicles, vehicle systems, ECUs, infrastructure, and the assembly and deployment of software update packages after the initial development. It is applicable to organizations involved in software update engineering for road vehicles.

    ISO/SAE 21434:2021 Road Vehicles - Cybersecurity Engineering: This document specifies engineering requirements for cybersecurity risk management regarding concept, product development, production, operation, maintenance and decommissioning of electrical and electronic (E/E) systems in road vehicles, including their components and interfaces.

    ISO 26262-1:2018: Road Vehicles - Functional Safety. Intended to be applied to safety-related systems that include one or more electrical and/or electronic (E/E) systems and that are installed in series production road vehicles, excluding mopeds.

    Prerequisites: None. This course is entirely online and on-demand. Refer to Registration Guidance.

    Method: Online, On-Demand

    Price: $500 USD

    Certificate: Certificate of Completion

  • Module Objective: Build the foundations of Zero Trust, teach the basics of authentication, and explain the need to apply authentication to achieve the principles of Zero Trust. Authentication methods, both handshakes and signatures, will be taught, and the challenges of Identity Management as it applies to authentication will be detailed. The concepts will be brought together to teach how to create a permissions framework and manage authorizations within Automotive Products.

  • Module Objective: Provide the basic understanding of the intelligence analytic process to enable them to participate in the analysis and production of intelligence or to make best use of the intelligence and analytical resources available to support them.

  • Module Objective: Gain a foundation in the principles of network planning with the objective of implementing the principles of cybersecurity. Covers networking technologies relevant to the auto industry and designing automotive network plans. Learn to analyze the latest technologies present, identify the network purpose within network planning of design proposals, develop trust boundaries within a network plan, and classify the various state-of-the-art networking technologies in the automotive industry. This course will not detail all the activities to complete a Threat Analysis and Risk Assessment (TARA).

  • Module Objective: Learn the cybersecurity lifecycle building blocks of the cybersecurity process and the logical sequence in which cybersecurity systems are implemented. The bodies of knowledge include information assurance, software and system engineering, and computer science.

  • Module Objective: Personally Identifiable Information (PII). Learn what it is, its focus on unauthorized access, release, or use in hacks, and what its disclosure can result in, e.g., identity theft, blackmail, embarrassment, legal liability, and organizational distrust. Impact levels are discussed, e.g., PII confidentiality impact.

  • Module Objective: Learn about the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) and how this model is used for controlling risk in any threat environment. The process itself is strategic in its orientation and is based on well defined and commonly accepted best practice.

  • Module Objective: Learn how to implement a security operations plan. Governance, Risk and Compliance (GRC) is explained and how to develop this plan in an automotive domain. Learn how GRC can reduce costs, provide effective reporting, enhance information gathering, reduce confusion, provide a consistent vision for resource allocation, create unified efforts across functional areas within an organization, and provide comprehensive cybersecurity efforts and investments.

  • Module Objective: Learn the concepts that drive current-day threat modeling, fighting through adversity with cyber resiliency, identifying value and priorities, threat modeling analysis, and tools for analysis e.g., MITRE ATT&CK.

  • Module Objective: Learn how to comply with UNECE regulations regarding software security, discover how to formally communicate with an authorized approval authority, learn how to utilize a technical service for testing verification of conformance, and how to create a system to detect and prevent defects in code.

Secure Operations Management

  • Purpose: This module presents the basic concepts of lifecycle security operations for organizations seeking guidance on establishing a practical vehicle cybersecurity operational process. It contains best practices and guidance to help automobile companies design, implement, and operate an effective, everyday cybersecurity function within a business unit and any related organizational unit requiring vehicle cybersecurity operations. The module is designed to provide a top-level understanding of the best practices that underlie an effective automotive cybersecurity operation. The focus is on the operational application in the day-to-day application rather than how these concepts relate. Concept level topics were covered in Security Basics, but this model assumes that base knowledge and builds upon the concepts to start providing capabilities. Therefore, students will learn how to plan, implement, and maintain a secure, continuous lifecycle operation for an automotive application.

    Course Description: This course presents the general concepts of threat detection, risk identification and analysis, and incident response for companies seeking guidance on establishing practical and systematic protection against cyber threats. It provides a comprehensive set of best practices and implementation guidance to help companies design, build, and operate effective vehicle cybersecurity threat detection, risk management, and incident response activities in their operating environment. This module examines the critical topics of threat detection and analysis, risk identification, prioritization, mitigation, and sustainment, as well as subsequent incident management within a pragmatic automotive cybersecurity ecosystem. The focus will be on standard operational best practices generally recognized by the industry. Students will learn how to plan, implement, and maintain a comprehensive, strategic threat detection and associated risk management and incident response posture and a systematic response to incidents.

    Course Objectives: At the end of this course the student will understand US and international security policies and regulations to help their products go to market worldwide. They will also understand some US Government programs to help industry and some various protections offered by government agencies. Students will understand how to conduct Incident Response (IR), develop an IR Plan, and be able to share information efficiently with other community members.

    Example Roles: Business/Line Manager/Project Manager/Incident Responder/Intelligence Analyst/Auditor/Assessor

    Alignments:

    UNECE R155: Uniform provisions concerning the approval of vehicles with regards to cyber security and cyber security management systems.

    UNECE R156: UN Regulation No. 156-Software update and software update management systems.

    ISO/FDIS 24089: The requirements and recommendations apply to vehicles, vehicle systems, ECUs, infrastructure, and the assembly and deployment of software update packages after the initial development. It is applicable to organizations involved in software update engineering for road vehicles.

    ISO/SAE 21434:2021 Road Vehicles - Cybersecurity Engineering: This document specifies engineering requirements for cybersecurity risk management regarding concept, product development, production, operation, maintenance and decommissioning of electrical and electronic (E/E) systems in road vehicles, including their components and interfaces.

    ISO 26262-1:2018: Road Vehicles - Functional Safety: intended to be applied to safety-related systems that include one or more electrical and/or electronic (E/E) systems and that are installed in series production road vehicles, excluding mopeds.

    Prerequisites: Cybersecurity Basics Module. Refer to Registration Guidance.

    Method: Online, On-Demand

    Certificate: Certificate of Completion

  • Module Objective: Learn to explain what an Incident Response (IR) playbook is, what its purpose is in automotive cybersecurity, why an IR playbook is needed, and how to scrutinize and develop an IR playbook in your organization.

  • Module Objective: Learn the R156 cybersecurity requirements for vehicle approvals and the requirements and data handling for Global Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA). The NIST Cybersecurity Framework (CSF) and how to implement regulatory compliance in your organization are discussed.

  • Module Objective: Learning, understanding and becoming acquainted with government authorities as they pertain to cybersecurity e.g., Protected Critical Infrastructure Information (PCII), Critical Product Evaluation (CPE) program, National Cybersecurity and Communications Integration Center (NCCIC), NCCIC Cybersecurity Evaluation Tool (CSET), and several others that can be used within your organization.

  • Module Objective: Learn the best practices of the cybersecurity incident response function. This course will go in depth on the best practice recommendations for vehicular incident response. It will consider the importance of a systematic and fully documented control architecture, the importance of baselines for cybersecurity risk management, the common terminology to better communicate cybersecurity risk, the six (6) highly distinctive aspects of the process, and the critical role that communication plays.

  • Module Objective: Learn what an automotive vulnerability is, the unique challenges the automotive industry faces when preparing a vulnerability management system, and the different sources of vulnerabilities and how they differ.

  • Module Objective: This module focuses on the processes of identifying, managing, and mitigating automotive risk as prescribed by clauses six (6) and fifteen (15) of the ISO/SAE 21434 standard. Learn about the four (4) possible approaches to risk, risk management models, how to implement the risk management framework (RMF), operationalizing standard risk management, risk management planning, how to understand and categorize the environment, risk assessments, evaluate candidates for control, deployment of risk management controls, ISO 31000-2009 is discussed, and Automotive Threat and Risk Management (Clause 8, ISO/SAE 21434).

  • Module Objective: Learn the fundamentals of supply chain risk management (SCRM). Discussion of what is the software supply chain, brief history of software supply chain attacks and vulnerabilities, an analysis of prominent supply chain attacks, methods on how to improve the software supply chain integrity, definition and discussion on the software bill of material (SBOM) along with advantages and disadvantages of an SBOM.

Secure Engineering

  • Purpose: This course presents the basic concepts of lifecycle security operations for organizations seeking guidance on establishing a practical vehicle cybersecurity operational process. It contains best practices and guidance to help automobile companies design, implement, and operate an effective, everyday cybersecurity function within a business unit and any related organizational unit requiring vehicle cybersecurity operations. The module is designed to provide a top-level understanding of the best practices that underlie an effective automotive cybersecurity operation. The focus is on the operational application in the day-to-day application rather than how these concepts relate. Concept level topics were covered in Security Basics, but this model assumes that base knowledge and builds upon the concepts to start providing capabilities. Therefore, students will learn how to plan, implement, and maintain a secure, continuous lifecycle operation for an automotive application.

    Course Description: This course gives general information on how to look at vehicle communications and networks from a cybersecurity perspective, with particular detail on the automotive industry. Attention is given to the networks available in vehicles and the protocols they use, including standard protocols such as CANBUS and Automotive Ethernet, but also more niche protocols such as FlexRay and legacy protocols often used to exploit a system (due to backwards compatibility requirements) such as K-Line. Students also get hands-on experience using Linux (Kali preferred) and are given labs to execute in a virtual environment with a set of targets.

    Course Goals and Application: This course provides the knowledge that engineers can use when creating architecture/design for vehicles (such as ways to implement cryptography, understanding of attack methods such as escalation of privilege and fuzzing), what NIST security guidelines are available for consideration, and the different networks and protocols (and some of their attendant dangers) that exist in modern vehicles.

    Course Objectives: At the end of this course the learner will understand how to use Kali Linux to assess a security target and will have protocol information and vulnerability information for many of the popular, legacy, and niche protocols used in vehicle communications. They will additionally understand how to implement cryptography in design and in operation. They will understand what common controls and access methods are used generally and will have discussed the most appropriate for the automotive domain. Lastly, students will have knowledge about NIST guidelines for consideration as they design or implement vehicle designs at work.

    Example Roles: Product Security Analyst/Vulnerability Analyst/Function Owner/Systems Engineer/Test & Validation Engineer/Pen Tester/Product Security Architect

    Alignments:

    UNECE R155: Uniform provisions concerning the approval of vehicles with regards to cyber security and cyber security management systems.

    UNECE R156: UN Regulation No. 156-Software update and software update management systems.

    ISO/FDIS 24089: The requirements and recommendations apply to vehicles, vehicle systems, ECUs, infrastructure, and the assembly and deployment of software update packages after the initial development. It is applicable to organizations involved in software update engineering for road vehicles.

    ISO/SAE 21434:2021 Road Vehicles - Cybersecurity Engineering: This document specifies engineering requirements for cybersecurity risk management regarding concept, product development, production, operation, maintenance and decommissioning of electrical and electronic (E/E) systems in road vehicles, including their components and interfaces.

    ISO 26262-1:2018: Road Vehicles - Functional Safety. Intended to be applied to safety-related systems that include one or more electrical and/or electronic (E/E) systems and that are installed in series production road vehicles, excluding mopeds.

    Prerequisites: Cybersecurity Basics Courses. Refer to Registration Guidance.

    Method: Online, On-Demand

    Certificate: Certificate of Completion

  • Module Objective: Learn about the Controller Area Network (CAN bus) comparison to other automotive protocols, discussion on CAN key features e.g., serial network, bus architecture, built in error handling, the physical layer and variations of SW, LSFT, topology (single bus vs. direct connection between every ECU), the CAN node (components of CAN ECU), the data link layer (CAN frame is discussed in detail), error detection in CAN and error frames, fault containment, diagnostics, and J1939 using CAN for heavy duty.

  • Module Objective: Learn to develop a framework of preparedness for cybersecurity, illustrate elements of a strong cybersecurity framework, manage levels of preparedness in anticipation of reasonable threats, building a framework to assemble and meet the needs of threats as they are identified, and establish an ongoing need for threat analysis in an automotive organization. Learn to define, categorize, and identify risk ownership.

  • Module Objective: Learn about automotive pen-testing, pen-testing motivation, legal and ethics, the penetration testing process, finding zero-day vulnerabilities, and the understanding of fuzzing. Scope with respect to information gathering, hardware, firmware, radio, and communication analysis is discussed.

  • Module Objective: Learn how to build/install Kali Linux from a downloaded distribution image, navigate Kali Linux with Linux basic command and graphical user interface techniques, complete Kali Linux system maintenance, updates, upgrades, and package installations, and learn to harden the Kali Linux operating system after installation.

  • Module Objective: Learn the Open Systems Interconnect (OSI) model’s conceptual framework. Topics include the basic concepts of the OSI model, an overview of conventional OSI layers, cross-layer functions, OSI application to automotive (the internal vehicle network), common vulnerabilities, risk analysis, Controller Area Network (CAN bus) transmission, protocols, implementation, and nodes, automotive topologies, vehicle defense in depth: Threat Analysis and Risk Assessment (TARA), subnetting, and CAN security concerns.

  • Module Objective: This course draws the distinction between privacy and confidentiality. Learn how to set up the characteristics of data and how to protect it, and learn to define how to link the data. Various privacy laws and provisions are discussed.

  • Module Objective: Learn the methodology of cybersecurity resilience, its three principles, six arguments, and one equation. Learn the importance of cyber resilience to meeting compliance and business continuity needs, how to address your through-life resilience needs, including in the face of cyber attacks, and how to take advantage of what we know using tools and techniques to achieve cyber resilience outcomes.

  • Module Objective: Learn the best practices for maintaining vehicle software security, how to test and analyze vehicle type risks and the attendant mitigations, how to implement software assurance in vehicle type design, how to document proper configuration control over vehicle software, and how to develop documentation of vehicle type compliance.

ACT PROGRAM ADVANCED LEARNING TRACK

INFORMATION COMING SOON (2025)

After completion of the course training, or based on your advanced experience, you may take the Capability Exam (CAPEX). This annual exam is a scenario-based online exercise developed to test your knowledge, skills, and abilities. Allow for six (6) hours to complete the exercise.

Please note, registration is currently not available.

Check out our ACT Frequently Asked Questions (FAQs) section to learn more about the requirements for the CAPEX and additional details on how to maintain the CASE certification.

Email us with Questions at ACT@automotiveisac.com

What are the Next Steps?