SAE J3061 and ISO 21434:2019 Automotive Cybersecurity Auditing and Assessment Certification
Home > ISO Training > SAE J3061 and ISO 21434:2019 Automotive Cybersecurity Auditing and Assessment
Seminar Content
This five-day course is designed to provide the knowledge and skills required to perform audits and assessments for SAE J3061 and the ISO/SAE 21434 Cybersecurity Engineering Standard. This class will give you the information to Plan, Conduct and Report audit and assessment activities for SAE J3061 and ISO 21434:2019.
This course combines presentations, along with in-class group exercises to put what you are learning into practice. Concepts are reinforced by a series of breakout exercises on critical aspects of audits and assessments.
Who Should Attend
Those involved in the design, development, and production of electrical and electronic based vehicle products, including the systems, software and hardware engineers, and managers. Basically, all those responsible for the development and implementation of hardware and software systems in motor vehicles.
Participants should be, or plan to be, actively managing, or involved in, or aware of electrical and/or electronic items, systems, or elements that are incorporated in motor vehicles. And have the abilities, education, and experience required for the above roles.
Recommended Training and/or Experience
Participants should be involved in or aware of software and hardware development as it relates to the motor vehicle industry. A basic understanding of the SAE J3061 and ISO/SAE 21434 standard is recommended.
Seminar Materials
Each participant will receive a seminar manual including case studies.
Seminar Goals
- List and apply the main processes at the organizational and product levels that impact audits and assessments
- Review and understand a product’s CS requirements, goals, and prepare a cybersecurity Plan
- Develop the Cybersecurity Concept & Refined Cybersecurity Design
- List appropriate evidence for supporting audits and assessments
- Use risk levels and CALs for achieving an acceptable residual risk
- List the main elements and develop the structure of Audit and Assessment reports.
Daily Agenda (approximate, based on class discussions)
Day One
- Chapter 1: Introduction and Overview to ISO 21434
- ISO 21434 Purpose, Scope and Framework
- Chapter 2: Organizational Level Processes for Audit
- Overall Cybersecurity Management
- Project Dependent CybersecurityManagement
- Supporting Processes
- Cybersecurity Audit
- Cybersecurity Assessment
- Chapter 3: Cybersecurity Goals & Requirements
- Tailoring of Cybersecurity Activities
- System or Component out of Context
- Cybersecurity Planning
- Cybersecurity Requirements
- Cybersecurity Goals
- Breakout Exercise 1: Safety Case Outline
- Chapter 4: Preparing the Cybersecurity Plan
- Product Lifecycle
- The V-model
- Cybersecurity Planning
- Components of the Cybersecurity Plan
- Cybersecurity Case
- Chapter 5: Risk Assessment Methods (Clause 7)
- Cybersecurity Relevance
- Item Definition
- Asset Identification
- Breakout Exercise 2: Item Definition
Day Two
- Chapter 5: Risk Assessment Methods (Clause 7) (cont’d)
- Vulnerability Analysis
- Breakout Exercise 5: Vulnerability Analysis
- Attack Feasibility Analysis
- Risk Determination
- Risk Treatment
- Threat Analysis and Risk Assessment (TARA)
- Breakout Exercise 3: Threat and Risk Analysis
- Breakout Exercise 4: Cybersecurity Requirements
- Chapter 6: Cybersecurity Architecture
- System level architecture
- Hardware level architecture
- Software level architecture
- Implementation Considerations
- Chapter 7: Cybersecurity Concept & Refined Cybersecurity Design
- Cybersecurity Concept
- Refinement of Cybersecurity Requirements
- Refinement of Cybersecurity Design
Day Three
- Chapter 8: Supporting Processes
- Quality Management Systems
- Change Management
- Documentation Management
- Configuration Management
- Requirements Management
- Verification
- Breakout Exercise 8: Confidence in Management Systems
- Tool Management
- Distributed Cybersecurity Activities
- Chapter 9: Gathering Evidence for Achieving CS Goals
- Cybersecurity Assurance Levels (CAL)
- Usage of CALs
- List of Work Products
- Chapter 10: Producing Arguments for Achieving CS Goals
- Architectural Arguments
- Design Arguments
- Breakout Exercise 6: Walkthrough vs. Inspection
- Implementation Arguments
- Verification Arguments
- Validation Arguments
Day Four
- Chapter 11: Preparing Work Products
- Management Oriented Work Products
- Work Products at the Concept Phase
- Work Products at the Product Development Phase
- Work Products at the Post-Development Phases
- Chapter 12: Preparing the Cybersecurity Case
- Summary of the Cybersecurity Evidence
- Summary of the Cybersecurity Argument
- Elements of the Cybersecurity Case
- Breakout Exercise 6: Developing a Cybersecurity Case
Day Five
- Chapter 13: Preparing the Audit Report
- Summary of Organizational Processes
- Elements of the Audit Report
- Chapter 14: Preparing the Assessment Report
- Summary of the Cybersecurity Plan
- Summary of the Work Products
- Summary of the Cybersecurity Case
- Elements of the Assessment Report
Note: The materials will include SAE J3061 content as applicable. Contact Omnex for the Auditor and Assessor Competencies and Learning Objectives of this course.
Levels of Certification
Level 1
Internal Auditor Provisional
|
Knowledge Requirements:
- 1 week of Cybersecurity Auditor Training and candidates must pass exam
|
Level 2
Certified Internal Auditor
|
Knowledge Requirements:
- 1 week of Cybersecurity Auditor Training and candidates must pass exam Prerequisites:
- 10 audits or assessments in the past 3 years
|
|
|
Related Courses
|
 Advanced Statistical Process Control (SPC)
|
| Manufacturing Process Development using PFMEA (Process Flow, PFMEA, Control Plan, Part & Process Approval)
|
| Basic Statistical Process Control (SPC)
|
| Understanding Core Tools - (APQP, PPAP, DFMEA, DVP&R, PFMEA, Control Plan, SPC and MSA)
|
| FMEA 4th Edition Update
|
| Implementing MMOG with IATF 16949:2016
|
| Measurement Systems Analysis (MSA) and Advanced Analysis (ANOVA)
|
| Production Part Approval Process (PPAP) Workshop with IATF 16949:2016
|
| Total Productive Maintenance (TPM)
|
| Understanding Core Tools - APQP & PPAP
|
| Understanding Core Tools - DFMEA & DVP&R
|
| Understanding Core Tools - PFMEA & Control Plan
|
| Understanding Core Tools - Statistical Process Control (SPC)
|
| Understanding Core Tools - Measurement Systems Analysis (MSA)
|
| Production Part Approval Process (PPAP 4th Edition)
|
| APQP, FMEA and Control Plans (New Revision)
|
| APQP 2nd Edition
|
| Effective Problem Solving
|
| 7QC
|
| APQP/PPAP
|
| Machine Failure Mode Effect Analysis (MFMEA)
|
| Understanding AIAG Sub-tier Supplier Management (CQI-19)
|
| Advanced Product Quality Planning (APQP) Overview
|
| Understanding the Five Phases of APQP
|
| APQP Manufacturing Process Development using PFMEA and PPAP
|
| Product Development using SFMEA, DFMEA and Associated Tools
|
| Measurement Systems Analysis(MSA) and Statistical Process Control (SPC)
|
| Conducting Internal and Supplier (Second Party) Audits to Automotive SPICE
|
| AIAG-VDA Product FMEA Overview
|
| SAE J3061 and ISO 21434:2019 Automotive Cybersecurity Certification
|
| AIAG-VDA DFMEA (SFMEA and DFMEA) for Practitioners and Facilitators
|
| AIAG-VDA FMEA for Managers and Implementers – Implementation Training
|
| AIAG-VDA FMEA Understanding, Implications, and Strategy Executive Overview
|
| AIAG-VDA Process FMEA and Control Plans for Practitioners and Facilitators
|
| Understanding AIAG-VDA DFMEA (SFMEA and DFMEA) for Design and Project Team Members
|
| Understanding AIAG-VDA Process FMEA and Control Plans for Process and Project Team Members
|
| Product Integrity for the Product Safety & Conformance Representative (PSCR)
|
| SAE J3061 and ISO 21434:2019 Automotive Cybersecurity Executive Overview
|
| SAE J3061 and ISO/SAE 21434:2019 Overview for Functional Safety Engineers
|
| SAE J3061 and ISO 21434:2019 Cybersecurity Engineering Defense & Protection Against Attacks
|
| SAE J3061 and ISO 21434:2019 Conducting a Cybersecurity FMEA and Vulnerability Analysis Testing for Systems, Hardware and Software
|
| SAE J3061 and ISO 21434:2019 Cybersecurity Threat Analysis and Risk Assessment (TARA)
|
| Introduction to Autonomous and Electric Vehicles: A Functional Safety, SOTIF, and Cybersecurity Perspective
|
| Reverse Failure Mode and Effect Analysis – RFMEA
|
| Introduction to Systems Engineering: A Safety and Cybersecurity Perspective
|
| Writing Effective Requirements, Test Cases, and H/S Interfaces for Cybersecurity
|
| Preparing a Cybersecurity Case
|
| Transitioning to BS VI Understanding and Strategising
|
| Root Cause Analysis (RCA) - AIAG Approved
|
| Minitab Tools- AIAG Approved
|
| Multipoint DFMEA for Mechatronic and Electronic Systems using AIAG FMEA 4th Edition
|
| Writing Effective Requirements and Test Cases for Automotive Software Performance Improvement and Capability Determination (ASPICE) and HWE PRM/PAM
|
| Writing Effective Requirements and Test Cases
|
| Multipoint DFMEA for Mechatronic and Electronic Systems using the AIAG-VDA FMEA Handbook Methodology
|
| Understanding Core Tools (APQP/PPAP, DFMEA, DVP&R, SPC and MSA) Following the AIAG FMEA 4th Edition Methodology
|
| Understanding Core Tools (APQP/PPAP, PFMEA, Control Plans, SPC and MSA) Following the AIAG FMEA 4th Edition Methodology
|
| Understanding Core Tools (APQP/PPAP, DFMEA, DVP&R, SPC and MSA) Following the AIAG-VDA FMEA 1st Edition Methodology
|
| Understanding Core Tools (APQP/PPAP, PFMEA, Control Plans, SPC and MSA) Following the AIAG-VDA FMEA 1st Edition Methodology
|
Related Courses
|
| Advanced Statistical Process Control (SPC)
|
| Manufacturing Process Development using PFMEA (Process Flow, PFMEA, Control Plan, Part & Process Approval)
|
| Basic Statistical Process Control (SPC)
|
| Understanding Core Tools - (APQP, PPAP, DFMEA, DVP&R, PFMEA, Control Plan, SPC and MSA)
|
| FMEA 4th Edition Update
|
| Implementing MMOG with IATF 16949:2016
|
| Measurement Systems Analysis (MSA) and Advanced Analysis (ANOVA)
|
| Production Part Approval Process (PPAP) Workshop with IATF 16949:2016
|
| Total Productive Maintenance (TPM)
|
| Understanding Core Tools - APQP & PPAP
|
| Understanding Core Tools - DFMEA & DVP&R
|
| Understanding Core Tools - PFMEA & Control Plan
|
| Understanding Core Tools - Statistical Process Control (SPC)
|
| Understanding Core Tools - Measurement Systems Analysis (MSA)
|
| Production Part Approval Process (PPAP 4th Edition)
|
| APQP, FMEA and Control Plans (New Revision)
|
| APQP 2nd Edition
|
| Effective Problem Solving
|
| 7QC
|
| APQP/PPAP
|
| Machine Failure Mode Effect Analysis (MFMEA)
|
| Understanding AIAG Sub-tier Supplier Management (CQI-19)
|
| Advanced Product Quality Planning (APQP) Overview
|
| Understanding the Five Phases of APQP
|
| APQP Manufacturing Process Development using PFMEA and PPAP
|
| Product Development using SFMEA, DFMEA and Associated Tools
|
| Measurement Systems Analysis(MSA) and Statistical Process Control (SPC)
|
| Conducting Internal and Supplier (Second Party) Audits to Automotive SPICE
|
| AIAG-VDA Product FMEA Overview
|
| SAE J3061 and ISO 21434:2019 Automotive Cybersecurity Certification
|
| AIAG-VDA DFMEA (SFMEA and DFMEA) for Practitioners and Facilitators
|
| AIAG-VDA FMEA for Managers and Implementers – Implementation Training
|
| AIAG-VDA FMEA Understanding, Implications, and Strategy Executive Overview
|
| AIAG-VDA Process FMEA and Control Plans for Practitioners and Facilitators
|
| Understanding AIAG-VDA DFMEA (SFMEA and DFMEA) for Design and Project Team Members
|
| Understanding AIAG-VDA Process FMEA and Control Plans for Process and Project Team Members
|
| Product Integrity for the Product Safety & Conformance Representative (PSCR)
|
| SAE J3061 and ISO 21434:2019 Automotive Cybersecurity Executive Overview
|
| SAE J3061 and ISO/SAE 21434:2019 Overview for Functional Safety Engineers
|
| SAE J3061 and ISO 21434:2019 Cybersecurity Engineering Defense & Protection Against Attacks
|
| SAE J3061 and ISO 21434:2019 Conducting a Cybersecurity FMEA and Vulnerability Analysis Testing for Systems, Hardware and Software
|
| SAE J3061 and ISO 21434:2019 Cybersecurity Threat Analysis and Risk Assessment (TARA)
|
| Introduction to Autonomous and Electric Vehicles: A Functional Safety, SOTIF, and Cybersecurity Perspective
|
| Reverse Failure Mode and Effect Analysis – RFMEA
|
| Introduction to Systems Engineering: A Safety and Cybersecurity Perspective
|
| Writing Effective Requirements, Test Cases, and H/S Interfaces for Cybersecurity
|
| Preparing a Cybersecurity Case
|
| Transitioning to BS VI Understanding and Strategising
|
| Root Cause Analysis (RCA) - AIAG Approved
|
| Minitab Tools- AIAG Approved
|
| Multipoint DFMEA for Mechatronic and Electronic Systems using AIAG FMEA 4th Edition
|
| Writing Effective Requirements and Test Cases for Automotive Software Performance Improvement and Capability Determination (ASPICE) and HWE PRM/PAM
|
| Writing Effective Requirements and Test Cases
|
| Multipoint DFMEA for Mechatronic and Electronic Systems using the AIAG-VDA FMEA Handbook Methodology
|
| Understanding Core Tools (APQP/PPAP, DFMEA, DVP&R, SPC and MSA) Following the AIAG FMEA 4th Edition Methodology
|
| Understanding Core Tools (APQP/PPAP, PFMEA, Control Plans, SPC and MSA) Following the AIAG FMEA 4th Edition Methodology
|
| Understanding Core Tools (APQP/PPAP, DFMEA, DVP&R, SPC and MSA) Following the AIAG-VDA FMEA 1st Edition Methodology
|
| Understanding Core Tools (APQP/PPAP, PFMEA, Control Plans, SPC and MSA) Following the AIAG-VDA FMEA 1st Edition Methodology
|
|
|