Module 3: Cybersecurity for CAVs: Safety and Security Assurance Against Cyber-Physical Attacks
Course Overview: This course will cover a wide range of topics in security and safety for CAVs (Connected and Automated Vehicles), providing a broad introduction of the CAV ecosystem, followed by both known attacks and emerging attacks (e.g., adversarial machine learning), along with defense solutions. The course will provide the introduction of the CAV software stack, the core algorithms, and the role that Machine Learning/AI plays in Transportation, Automated Vehicles, and Connected Vehicles. It also covers how connectivity between vehicles (e.g., using CV2X or DSRC support) can enable new capabilities such as cooperative sensing to improve safety and security of CAV based driving. The second part of the course will cover advanced topics such as hardening the CAV ecosystem and reducing cybersecurity risks, which requires a concerted, multi-pronged approach that incorporates vehicles, diverse sensors, roadside units, transportation, and digital infrastructure including cellular networks and edge/cloud computing facilities. We will survey the existing work in a security analysis framework to study various cybersecurity risks in the CAV ecosystems. The course will conclude with some research results in understanding new attacks on AI (artificial intelligence) algorithms and systems used for cooperative driving and proposed potential new directions in mitigating such threats. Throughout this course, we will also cover the standards and best common practices from industry and standards bodies related to security and safety.
Course Instructor(s): Z. Morley Mao, Professor of Electrical Engineering and Computer Science — University of Michigan
Dr. Andre Weimerskirch, Chief Operating Officer — Block Harbor Cybersecurity
Dr. Morley Mao received their B.S., M.S., and Ph.D. degrees from the University of California at Berkeley. They are a recipient of the NSF CAREER Award, Sloan Fellowship, and the IBM Faculty Partnership Award. They have been named the Morris Wellman Faculty Development Professor. Their research interests encompass network systems, mobile and distributed systems, and network/systems security. Their work involves both empirical data collection and analysis, as well as the design and implementation of new systems.

Dr. André Weimerskirch is COO of Block Harbor Cybersecurity. Before that, André was Vice President for Product Integrity and Technology at Lear Corporation where he was responsible for product security, functional safety, platform software, and validation labs. André also established the transportation cybersecurity group at the University of Michigan Transportation Research Institute (UMTRI) and still holds an Adjunct Associate Research Scientist appointment. André co-founded the embedded systems security company ESCRYPT in 2004 which was sold to Bosch in 2012.
André is active in all areas of transportation cybersecurity and privacy, he is a main designer of the American vehicle-to-vehicle (V2V) SCMS security system, published numerous articles in automotive and embedded cyber security. He is co-founder of the American workshop on embedded security in cars (escar USA), co-chairs the CCAT cybersecurity working group at the University of Michigan and is an advisor to the University of Michigan Dearborn Computer and Information Science Department.
Winter 2026 Office Hours (Z. Morley Mao): Wednesday, March 25th | 10:00 – 11:00 AM ET
Link: https://umich.zoom.us/my/morleymao
Winter 2026 Office Hours (Andre Weimerskirch): Friday, March 27th | 1:00 – 2:00 PM ET
Link: TBD
Course Content
Section 0: Introduction
Section 0 Videos
Section 1-4: Introduction of Perception Systems, Sensor Fusion of a Single Vehicle, etc.
Section 1-4 Description
In this section, you can expect:
- An introduction of CAVs, infrastructure, automotive electronics, and vehicle architectures
- To learn how the different entities contribute to the CAV ecosystem, the dependencies, the standards, and how new technology is introduced and adopted
- An introduction of CAV’s impact on the transportation system
- To learn how CAVs can improve the safety of the transportation system: the current deployment status and future plans.
Section 1-4 Videos
Section 1-4 Quiz
Section 5-8: Security and Safety Foundations
Section 5-8 Description
In this section, you can expect to learn the following:
- Underlying cryptography and security relevant to CAVs
- Underlying safety theory/mechanisms relevant to CAVs
- Secure hardware and secure boot
- Secure FOTA and secure in-vehicle communication
Section 5 Videos — Introduction to Cryptography
Section 5.1 Quiz
Section 5.2 Quiz
Section 5.3 Quiz
Section 8 Videos — Secure FOTA and Secure In-vehicle Communication
Section 8 Quiz
Section 9: Software Defined Vehicles: Security and Safety Considerations
Section 9 Description
In this section, you can expect to learn:
- SDV and embedding vehicles in ecosystem: in-vehicle
Section 9 Videos
Section 9 Quiz
Section 10-12.5: Connected Aspects of CAV: V2X (Security and Safety)
Section 10-12.5 Description
In this section, you can expect:
- An overview of V2X technology and applications
- To learn V2X security standards
- To learn V2X robustness improvement
- To learn about collaborative applications (security thereof), and collaborative security applications such as collaborative misbehavior detection
- To learn collaborative perception/sensing
Section 12.5 Videos — Collaborative Perception
Section 12.5 Quiz
Section 13-16: Security of AVs (Single Vehicle)
Section 13-16 Description
In this section, you can expect:
- An introduction to AI/ML and AML (adversarial Machine Learning)
- To learn about trajectory prediction, AI/ML applications and security
- To learn about sensor security: sensor spoofing attacks (e.g., LiDAR spoofing)
- To learn about the security of perception systems, sensor fusion of a single vehicle, etc.
Section 17: Security of CAV-based Transportation System
Section 17 Description
In this section, you can expect to learn:
- About defense against data spoofing attacks (collaborative sensing)
Section 17 Videos
Section 17 Quiz
Section 18-19.5: SOC/Monitoring/Anomaly Detection
Section 18-19.5 Description
In this section, you can expect:
- To learn about IDS in vehicles and ML/Anomaly detection to find issues
- To learn about Vehicle SOC
Section 20-21: Overview of Research Hacks and Future Directions
Section 20-21 Description
In this section, you can expect:
- To learn about the Jeep Cherokee Hack
- To learn about other interesting hacks
Section 22-23: Standards and Regulations
Section 22-23 Description
In this section, you can expect:
- An overview of standards, standards bodies and processes
- An overview of automotive cybersecurity engineering
Section 24: Conclusion & Summary
Section 24 Description
In this section, you can expect:
- To learn about future challenges in this space

