SAE J3061 and ISO 21434:2019 Cybersecurity Engineering Defense & Protection Against Attacks
Home > ISO Training > SAE J3061 and ISO 21434:2019 Cybersecurity
Seminar Content
This five-day seminar covers the most fundamental principles, techniques, and approaches to defend and protect vehicular assets from cyber-attacks. After covering threat and attack analysis, the course focuses on asset identification and monitoring. The course then moves to the important topic of access control and monitoring including response to incidents. The most practical aspects of the course is the manipulation of threats and the environment together with protecting assets and response planning. The course also covers material related to defense and protection from the ISO standard 21434. ISO 21434 is the draft cybersecurity standard that is applied to Cybersecurity Related Systems that include E/E, wired and wireless communication systems installed in production passenger vehicles.
This course combines presentations, along with in-class group exercises to put what you are learning into practice. Concepts are reinforced by a running case study of an air bag system.
Who Should Attend
Those involved in the design, development, and production of electrical and electronic based vehicle products, including the systems, software and hardware engineers, and managers. Basically, all those responsible for the development and implementation of hardware and software systems in motor vehicles.
Participants should be, or plan to be, actively managing, or involved in, or aware of electrical and/or electronic items, systems, or elements that are incorporated in motor vehicles. And have the abilities, education, and experience required for the above roles.
Recommended Training and/or Experience
Participants should be involved in or aware of software and hardware development as it relates to the motor vehicle industry.
Seminar Materials
Each participant will receive a seminar manual including case studies.
Seminar Goals
- Perform cybersecurity incident response focusing on security operations and prioritizing safety and availability.
- Critically analyze and apply information from vehicular threat reports on a regular basis.
- Identify vehicle assets and their network topologies and how to monitor the vehicle environment for abnormalities and threats. Methodologies such as in-vehicle network security monitoring and approaches to reducing the control system threat landscape will be introduced and reinforced.
- Analyze vehicular malware and extract the most important information needed to quickly scope the environment and understand the nature of the threat.
- How to operate through an attack and recover in a secure and safe manner.
- Determine cybersecurity impact ratings and describe strategies for minimizing exposure
- Identify vehicular assets and describe strategies for lowering their impact rating
- Outline effective implementations of cybersecurity controls
- Understand the most recent cybersecurity standards
Daily Agenda (approximate, based on class discussions)
Day One
- Chapter 1: Introduction to Course
- Introduction to Cybersecurity Defense and Protection
- Vehicle Cybersecurity Standards: ISO/SAE 21434
- ISO/SAE 21434 Terms and Definitions
- Vehicular cybersecurity landscape
- Cybersecurity Controls
- Chapter 2: Threat Analysis
- Case Study: Jeep Cherokee Hack
- Cyberattack Life Cycle and Threat Models
- Vehicular Threats
- Sharing and Consuming vehicular threat Intelligence
- Breakout Exercise 2: Item Definition
Day Two
- Chapter 3: Attack Analysis
- Vehicular Attack Surfaces
- Vehicular Attack Vectors
- Attack Feasibility Assessment
- Chapter 4: Asset Identification and Network Security Monitoring
- Vehicle Assets and Infrastructure Visibility
- Identifying and Reducing the Threat Landscape
- Vehicle Network Security Monitoring: Collection, Detection, and Analysis
Day Three
- Chapter 5: Access Control and Monitoring
- Cybersecurity Perimeters
- Interactive Remote Access
- External Communications and Access Points
- Chapter 6: Incident Response
- Incident Response and Digital Forensics Overview
- Preparing a Vehicle Incident Response Team
- Time-Critical Analysis
- Maintaining and Restoring Operations
Day Four
- Chapter 7: System Management
- Cybersecurity Management
- Physical and Logical Access Points
- Software Updates
- Malicious Code Prevention
- Configuration Change Management and Vulnerability Assessments
- Supporting Processes
- Chapter 8: Threat and Environment Manipulation
- Threat and Environment Manipulation Goals and Considerations
- Establishing a Safe Working Environment
- Malware Analysis Methodologies
- Indicators of Compromise
Day Five
- Chapter 9: Asset Protection and Response
- Evaluation Process
- Asset Protection
- Incident Reporting and Response Planning
- Incident Response Plan/Testing
- Reporting Requirements
- Cybersecurity Recovery Plans for vehicles
- Chapter 10: Active Defense and Incident Response
- Case study 1
- Case study 2
Related Courses
|
 Advanced Statistical Process Control (SPC)
|
| Manufacturing Process Development using PFMEA (Process Flow, PFMEA, Control Plan, Part & Process Approval)
|
| Basic Statistical Process Control (SPC)
|
| Understanding Core Tools - (APQP, PPAP, DFMEA, DVP&R, PFMEA, Control Plan, SPC and MSA)
|
| FMEA 4th Edition Update
|
| Implementing MMOG with IATF 16949:2016
|
| Measurement Systems Analysis (MSA) and Advanced Analysis (ANOVA)
|
| Production Part Approval Process (PPAP) Workshop with IATF 16949:2016
|
| Total Productive Maintenance (TPM)
|
| Understanding Core Tools - APQP & PPAP
|
| Understanding Core Tools - DFMEA & DVP&R
|
| Understanding Core Tools - PFMEA & Control Plan
|
| Understanding Core Tools - Statistical Process Control (SPC)
|
| Understanding Core Tools - Measurement Systems Analysis (MSA)
|
| Production Part Approval Process (PPAP 4th Edition)
|
| APQP, FMEA and Control Plans (New Revision)
|
| APQP 2nd Edition
|
| Effective Problem Solving
|
| 7QC
|
| APQP/PPAP
|
| Machine Failure Mode Effect Analysis (MFMEA)
|
| Understanding AIAG Sub-tier Supplier Management (CQI-19)
|
| Advanced Product Quality Planning (APQP) Overview
|
| Understanding the Five Phases of APQP
|
| APQP Manufacturing Process Development using PFMEA and PPAP
|
| Product Development using SFMEA, DFMEA and Associated Tools
|
| Measurement Systems Analysis(MSA) and Statistical Process Control (SPC)
|
| Conducting Internal and Supplier (Second Party) Audits to Automotive SPICE
|
| AIAG-VDA Product FMEA Overview
|
| SAE J3061 and ISO 21434:2019 Automotive Cybersecurity Certification
|
| AIAG-VDA DFMEA (SFMEA and DFMEA) for Practitioners and Facilitators
|
| AIAG-VDA FMEA for Managers and Implementers – Implementation Training
|
| AIAG-VDA FMEA Understanding, Implications, and Strategy Executive Overview
|
| AIAG-VDA Process FMEA and Control Plans for Practitioners and Facilitators
|
| Understanding AIAG-VDA DFMEA (SFMEA and DFMEA) for Design and Project Team Members
|
| Understanding AIAG-VDA Process FMEA and Control Plans for Process and Project Team Members
|
| Product Integrity for the Product Safety & Conformance Representative (PSCR)
|
| SAE J3061 and ISO 21434:2019 Automotive Cybersecurity Executive Overview
|
| SAE J3061 and ISO/SAE 21434:2019 Overview for Functional Safety Engineers
|
| SAE J3061 and ISO 21434:2019 Automotive Cybersecurity Auditing and Assessment
|
| SAE J3061 and ISO 21434:2019 Conducting a Cybersecurity FMEA and Vulnerability Analysis Testing for Systems, Hardware and Software
|
| SAE J3061 and ISO 21434:2019 Cybersecurity Threat Analysis and Risk Assessment (TARA)
|
| Introduction to Autonomous and Electric Vehicles: A Functional Safety, SOTIF, and Cybersecurity Perspective
|
| Reverse Failure Mode and Effect Analysis – RFMEA
|
| Introduction to Systems Engineering: A Safety and Cybersecurity Perspective
|
| Writing Effective Requirements, Test Cases, and H/S Interfaces for Cybersecurity
|
| Preparing a Safety Case for Cybersecurity
|
| Transitioning to BS VI Understanding and Strategising
|
| Root Cause Analysis (RCA) - AIAG Approved
|
| Minitab Tools- AIAG Approved
|
| Multipoint DFMEA for Mechatronic and Electronic Systems using AIAG FMEA 4th Edition
|
| Writing Effective Requirements and Test Cases for Automotive Software Performance Improvement and Capability Determination (ASPICE) and HWE PRM/PAM
|
| Writing Effective Requirements and Test Cases
|
| Multipoint DFMEA for Mechatronic and Electronic Systems using the AIAG-VDA FMEA Handbook Methodology
|
| Understanding Core Tools (APQP/PPAP, DFMEA, DVP&R, SPC and MSA) Following the AIAG FMEA 4th Edition Methodology
|
| Understanding Core Tools (APQP/PPAP, PFMEA, Control Plans, SPC and MSA) Following the AIAG FMEA 4th Edition Methodology
|
| Understanding Core Tools (APQP/PPAP, DFMEA, DVP&R, SPC and MSA) Following the AIAG-VDA FMEA 1st Edition Methodology
|
| Understanding Core Tools (APQP/PPAP, PFMEA, Control Plans, SPC and MSA) Following the AIAG-VDA FMEA 1st Edition Methodology
|
Related Courses
|
| Advanced Statistical Process Control (SPC)
|
| Manufacturing Process Development using PFMEA (Process Flow, PFMEA, Control Plan, Part & Process Approval)
|
| Basic Statistical Process Control (SPC)
|
| Understanding Core Tools - (APQP, PPAP, DFMEA, DVP&R, PFMEA, Control Plan, SPC and MSA)
|
| FMEA 4th Edition Update
|
| Implementing MMOG with IATF 16949:2016
|
| Measurement Systems Analysis (MSA) and Advanced Analysis (ANOVA)
|
| Production Part Approval Process (PPAP) Workshop with IATF 16949:2016
|
| Total Productive Maintenance (TPM)
|
| Understanding Core Tools - APQP & PPAP
|
| Understanding Core Tools - DFMEA & DVP&R
|
| Understanding Core Tools - PFMEA & Control Plan
|
| Understanding Core Tools - Statistical Process Control (SPC)
|
| Understanding Core Tools - Measurement Systems Analysis (MSA)
|
| Production Part Approval Process (PPAP 4th Edition)
|
| APQP, FMEA and Control Plans (New Revision)
|
| APQP 2nd Edition
|
| Effective Problem Solving
|
| 7QC
|
| APQP/PPAP
|
| Machine Failure Mode Effect Analysis (MFMEA)
|
| Understanding AIAG Sub-tier Supplier Management (CQI-19)
|
| Advanced Product Quality Planning (APQP) Overview
|
| Understanding the Five Phases of APQP
|
| APQP Manufacturing Process Development using PFMEA and PPAP
|
| Product Development using SFMEA, DFMEA and Associated Tools
|
| Measurement Systems Analysis(MSA) and Statistical Process Control (SPC)
|
| Conducting Internal and Supplier (Second Party) Audits to Automotive SPICE
|
| AIAG-VDA Product FMEA Overview
|
| SAE J3061 and ISO 21434:2019 Automotive Cybersecurity Certification
|
| AIAG-VDA DFMEA (SFMEA and DFMEA) for Practitioners and Facilitators
|
| AIAG-VDA FMEA for Managers and Implementers – Implementation Training
|
| AIAG-VDA FMEA Understanding, Implications, and Strategy Executive Overview
|
| AIAG-VDA Process FMEA and Control Plans for Practitioners and Facilitators
|
| Understanding AIAG-VDA DFMEA (SFMEA and DFMEA) for Design and Project Team Members
|
| Understanding AIAG-VDA Process FMEA and Control Plans for Process and Project Team Members
|
| Product Integrity for the Product Safety & Conformance Representative (PSCR)
|
| SAE J3061 and ISO 21434:2019 Automotive Cybersecurity Executive Overview
|
| SAE J3061 and ISO/SAE 21434:2019 Overview for Functional Safety Engineers
|
| SAE J3061 and ISO 21434:2019 Automotive Cybersecurity Auditing and Assessment
|
| SAE J3061 and ISO 21434:2019 Conducting a Cybersecurity FMEA and Vulnerability Analysis Testing for Systems, Hardware and Software
|
| SAE J3061 and ISO 21434:2019 Cybersecurity Threat Analysis and Risk Assessment (TARA)
|
| Introduction to Autonomous and Electric Vehicles: A Functional Safety, SOTIF, and Cybersecurity Perspective
|
| Reverse Failure Mode and Effect Analysis – RFMEA
|
| Introduction to Systems Engineering: A Safety and Cybersecurity Perspective
|
| Writing Effective Requirements, Test Cases, and H/S Interfaces for Cybersecurity
|
| Preparing a Safety Case for Cybersecurity
|
| Transitioning to BS VI Understanding and Strategising
|
| Root Cause Analysis (RCA) - AIAG Approved
|
| Minitab Tools- AIAG Approved
|
| Multipoint DFMEA for Mechatronic and Electronic Systems using AIAG FMEA 4th Edition
|
| Writing Effective Requirements and Test Cases for Automotive Software Performance Improvement and Capability Determination (ASPICE) and HWE PRM/PAM
|
| Writing Effective Requirements and Test Cases
|
| Multipoint DFMEA for Mechatronic and Electronic Systems using the AIAG-VDA FMEA Handbook Methodology
|
| Understanding Core Tools (APQP/PPAP, DFMEA, DVP&R, SPC and MSA) Following the AIAG FMEA 4th Edition Methodology
|
| Understanding Core Tools (APQP/PPAP, PFMEA, Control Plans, SPC and MSA) Following the AIAG FMEA 4th Edition Methodology
|
| Understanding Core Tools (APQP/PPAP, DFMEA, DVP&R, SPC and MSA) Following the AIAG-VDA FMEA 1st Edition Methodology
|
| Understanding Core Tools (APQP/PPAP, PFMEA, Control Plans, SPC and MSA) Following the AIAG-VDA FMEA 1st Edition Methodology
|
|
|