ISO 21434 Training Workshop
ISO 21434 has taken on new importance following the executive order from the White House to improve the nation’s cybersecurity.
ISO 21434 is a key piece of the cybersecurity puzzle. ISO 21434 “Road vehicles — cybersecurity engineering” is an automotive standard currently under development. It focuses on the cybersecurity risk in road vehicle electronic systems.
ISO 21434 is important because with the increase in connectivity in vehicles and the development of autonomous cars, the risks of cyberattack and subsequent damage also increase. Most authorities in cybersecurity believe the current safety-critical standards are not sufficient to cover this type of risk and therefore new guidelines and standards need to be established.
The intent behind the standard is to provide a structured process to ensure that cybersecurity considerations are incorporated into automotive products throughout their lifetime.
The standard will require automotive manufacturers and suppliers to demonstrate due diligence in the implementation of cybersecurity engineering and that cybersecurity management is applied throughout the supply chain to support it.
ISO 21434 covers all stages of a vehicle’s lifecycle — from design through to decommissioning by the application of cybersecurity engineering. This applies to all electronic systems, components, and software in the vehicle, plus any external connectivity.
Additionally, ISO 21434 provides developers with a comprehensive approach to implementing security safeguards that span the entire supplier chain.
Manufacturers, developers, suppliers and organizations need to consider several points in a security risk assessment, such as:
- Identification of assets and potential damage resulting from a breach of security features
- Identification and analysis of possible threats, attacks and vulnerabilities
- Determination of risk levels based on damage scenarios and the probability of successful attacks
- Take countermeasures until the remaining risk is acceptable
- Documentation of the important steps and results of the risk assessment process, such as asset lists, damage scenarios, attack reports or risk reports
ISO Training Workshop Course by Tonex
ISO/SAE 21434 Training, Road Vehicles Cybersecurity Engineering Training Workshop is a 3-day course covering requirements for cybersecurity risk management regarding engineering for concept, analysis, development, production, operation, maintenance, and decommissioning for road vehicle electrical and electronic (E/E) systems, including their subsystems, components and interfaces.
ISO/SAE 21434 framework defines requirements for cybersecurity processes and a common language for communicating and managing cybersecurity risk applicable to series production road vehicle E/E systems, including their components and interfaces whose development or modification began after the publication of the document.
Topics Covered:
- Overview of ISO/SAE 21434 Cybersecurity Framework
- Management of cybersecurity
- Risk assessment methods
- Concept phase
- Product development
- Production, operations, and maintenance
- Supporting processes
Course Modules:
Overview of ISO/SAE 21434 Framework
- Overview
- Goals and Objectives
- Requirements and Recommendations
ISO/SAE 21434 Framework Cybersecurity Management
- Cybersecurity Governance
- Cybersecurity Risk Management
- Organizational Cybersecurity Audit
- Information Sharing
- Management Systems
- Tool Management
- Information Security Management
- Work Products
ISO/SAE 21434 Framework Cybersecurity Implementation
- Cybersecurity Responsibilities and Their Assignment
- Cybersecurity Planning
- Tailoring of the Cybersecurity Activities
- Reuse
- Component Out of Context
- Off-the-Shelf Component
- Cybersecurity Case
- Cybersecurity Assessment
- Release for Post-Development
- Work Products
Cybersecurity Activities
- Cybersecurity Monitoring
- Requirements and Recommendations
- Cybersecurity Event Assessment
- Requirements and Recommendations
ISO 21434 Training Workshop