What are the specific specialties or paths we are interested in? Learning paths should probably follow a branched method with all paths originating from the same basic skills.
What individual skills are we covering? We should be granular and then the skills can be grouped by learning path later.
Controller Area Network (CAN)
WiFi 6E (V2X)
Skill / Knowledge categories
- Risk analysis methods (EVITA, HEAVENS, etc.; attack trees) - Access control models - Intrusion detection - Trusted computing - Malware - Privacy / GDPR - Incident response - Cryptographic technologies - Key management / KMS - Security testing - Penetration testing - Requirements based security testing - ... - Standards and laws (UNECE, UL, ISO, etc.) - Side-channel attacks - Secure coding - ...
Standard / common security mechanisms (can maybe be mapped to the components / technologies in the first list above) - SecOC - Secure Flashing - Secure Storage - Secure Boot / Trusted Boot / Authentic Boot - Security Event Logging - Secure Debug - Secure Diagnosis - ...