The objective of the training is to create awareness on automotive cybersecurity and introduce ISO 21434: Road vehicles – Cybersecurity Engineering risk assessment method and process over Software Development Lifecycle (SDLC).
Software Development Lifecycle (SDLC)
Modules:
- Automotive cybersecurity relevant regulations and standards
- Statistics and insights on common cybersecurity attacks
- Overview on ISO 21434 Cybersecurity Engineering activities over SDLC
- Overview on 21434 Cybersecurity work products
- Introduction to cybersecurity monitoring and incident support
Duration: 2 hours
Target Audience: All engineers from Research and Development (R&D)
Prerequisites: None
Cybersecurity Engineering
The objective of the training is detail the ISO 21434: Road vehicles – Cybersecurity Engineering work products and contents. The trainings is extended with insights on work products responsible, dependencies/inputs from different disciplines and verification methods
Modules:
- ISO 21434: Clause 6: Project dependent Cybersecurity management – Work products
- ISO 21434: Clause 7: Distributed Cybersecurity activities – Work products
- ISO 21434: Clause 8: Continual Cybersecurity activities – Work products
- ISO 21434: Concept phase – Work products
- ISO 21434: Product development phase – Work products
- ISO 21434: Post development phase – Work products
Duration: 6 hours
Target Audience: All engineers from Research and Development (R&D)
Prerequisites: None
Threat Analysis and Risk Assessment (TARA)
The objective of the training is to perform and understand the steps of the cybersecurity risk assessment method – Threat Analysis and Risk Assessment
Modules:
- Introduction on Threat Analysis and Risk Assessment (TARA)
- Asset Identification using Cybersecurity properties
- Damage scenario derivation and impact rating
- Identification of cybersecurity threats in relation to the cybersecurity properties
- Elicitation of attack tress for identified cybersecurity threats
- Evaluation and Attack feasibility rating
- Determination of risk value
- Determination of risk treatment
Duration: 6 hours
Target Audience: Cybersecurity engineers, Functional safety engineers, IT Security engineers , SOC analysts
Prerequisites: Automotive cybersecurity foundational Knowledge/Prior experience with automotive cybersecurity activities