Length: 3 Days
Print Friendly, PDF & Email

ISO 21434 Training Workshop

ISO/SAE 21434 is a baseline for vehicle manufacturers and suppliers to ensure that cybersecurity risks are managed efficiently and effectively.

The standard was specifically developed to ensure the safety and security of the ultimate road-user/driver, and as such, the determinant levels of risk and corresponding cybersecurity measures are set based on the final impact on the driver.

ISO 21434 is extremely important for the automotive industry. It provides a standardized cybersecurity framework, establishes cybersecurity as an integral element of engineering throughout the lifecycle of a vehicle from the conceptual phase all the way through decommissioning.

It also ensures that cybersecurity is considered in post-production processes (software updates, service and maintenance, incident response etc.), and calls for effective methods of lessons learned, training and communication-related to automotive cybersecurity.

Since 2018, over 80 organizations worldwide have participated in the creation of ISO/SAE 21434 “Road vehicles – Cybersecurity engineering,” which is a standard that includes a set of guidelines for securing high-level processes in the design, manufacturing, maintenance and end-of-life phases of vehicles.

While it does not focus on software development or detailing the cybersecurity infrastructure of car subsystems, it defines cybersecurity processes for the cars’ different development phases to fulfill safety level requirements.

Everyone in the automotive industry is in agreement that ISO 21434 is much needed. It’s no secret that researchers have found a significant number of attack vectors in today’s connected cars. These modern vehicles are connected whenever they are within the range of a cellular network or via short-range radio frequency channels, much like how Bluetooth or Wi-Fi are usually enabled.

Cybercriminals can abuse these existing and unpatched security gaps to intercept and steal information, disrupt the car’s normal functions, or even attack the users and endanger their lives.

Unlike computers, the majority of the connected cars currently in the market do not have over-the-air (OTA) software updates, nor were they designed or manufactured with cybersecurity in mind. This is a critical gap that the industry plans to secure, starting with ISO 21434.

Modern connected cars now share networks with mobile devices and have features that have more in common with computers than traditional automobiles. Unfortunately, the increased demand for connectivity — and the rapid pace of development to meet it — inevitably increases the number of exposed and vulnerable components.

ISO Training Workshop Course by Tonex

ISO/SAE 21434 Training, Road Vehicles Cybersecurity Engineering Training Workshop is a 3-day course covering requirements for cybersecurity risk management regarding engineering for concept, analysis. development, production, operation, maintenance, and decommissioning for road vehicle electrical and electronic (E/E) systems, including their subsystems, components and interfaces.

ISO/SAE 21434 framework defines requirements for cybersecurity processes and a common language for communicating and managing cybersecurity risk applicable to series production road vehicle E/E systems, including their components and interfaces whose development or modification began after the publication of the document.

Topics Covered:

  • Overview of ISO/SAE 21434 Cybersecurity Framework
  • Management of cybersecurity
  • Risk assessment methods
  • Concept phase
  • Product development
  • Production, operations, and maintenance
  • Supporting processes

Course Modules:

Overview of ISO/SAE 21434 Framework

  • Overview
  • Goals and Objectives
  • Requirements and Recommendations

ISO/SAE 21434 Framework Cybersecurity Management

  • Cybersecurity Governance
  • Cybersecurity Risk Management
  • Organizational Cybersecurity Audit
  • Information Sharing
  • Management Systems
  • Tool Management
  • Information Security Management
  • Work Products

ISO/SAE 21434 Framework Cybersecurity Implementation

  • Cybersecurity Responsibilities and Their Assignment
  • Cybersecurity Planning
  • Tailoring of the Cybersecurity Activities
  • Reuse
  • Component Out of Context
  • Off-the-Shelf Component
  • Cybersecurity Case
  • Cybersecurity Assessment
  • Release for Post-Development
  • Work Products

Cybersecurity Activities

  • Cybersecurity Monitoring
  • Requirements and Recommendations
  • Cybersecurity Event Assessment
  • Requirements and Recommendations



ISO 21434 Training Workshop

Request More Information

Please enter contact information followed by your questions, comments and/or request(s):
  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.

Request More Information

  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.