driving worldwide business excellence

SAE J3061 and ISO/SAE 21434:2019 Overview for Functional Safety Engineers

Home > ISO Training > ISO 21434:2019 Conducting a Cybersecurity FMEA

Seminar Content

This two-day course will give the participant the base knowledge necessary for practitioners who will be involved in the development and assurance of automotive cybersecurity related to new products utilizing electrical and electronic elements through the use of the ISO/SAE 21434 Automotive Cybersecurity Management System standard applied to Cybersecurity Related Systems that include electric/electronic systems that are installed in production passenger vehicles.

Who Should Attend

This course is designed for managers and new product development support personnel.

Recommended Training and/or Experience

Participants should have a working knowledge of their organization’s New Product Development Process.

Seminar Materials

Each participant will receive a seminar manual including case studies.

Seminar Goals

  • Tailor the necessary activities to support automotive cybersecurity lifecycle management, development, production, operation, maintenance and decommissioning
  • Understand the integration of ISO/SAE 21434 with ISO 26262, APQP, IATF 16949 and other related standards.
  • Understand cybersecurity aspects of the entire development process (requirements specification, design, implementation, integration, verification, validation and validation)
  • Understand the automotive-specific risk-based approach for determining Cybersecurity Assurance Levels (CALs)
  • Use CALs for specifying the necessary cybersecurity requirements for achieving an acceptable residual risk
  • Provide requirements for validation and confirmation measures to ensure a sufficient and acceptable level of cybersecurity is being achieved.

Daily Agenda (approximate, based on class discussions)

Day One

  • Chapter 1: Introduction and Overview to ISO 21434
    • ISO 21434 Purpose, Scope and Framework
  • Chapter 2: Overall Cybersecurity Management (Clause 5)
    • Cybersecurity Governance
    • Cybersecurity Culture
    • Cybersecurity Risk Management
    • Cybersecurity Audit
    • Information sharing
    • Confirmation Measures
  • Chapter 3: Project Dependent Cybersecurity Management (Clause 6)
    • Tailoring of Cybersecurity Activities
    • System or Component out of Context
    • Cybersecurity Planning
    • Cybersecurity Case
    • Breakout Exercise 1: Safety Case Outline
  • Chapter 4: Post-Development Phases (Clauses 10-13)
    • Production, Operation, Maintenance, and Decommissioning
  • Chapter 5: Concept Phase (Clause 8)
    • Cybersecurity Relevance
    • Item Definition
    • Breakout Exercise 2: Item Definition

Day Two

  • Chapter 5: Concept Phase (Clause 8) (cont’d)
    • Threat Analysis and Risk Assessment (TARA)
    • Breakout Exercise 3: Threat and Risk Analysis
    • Cybersecurity Goals
    • Cybersecurity Concept
    • Breakout Exercise 4: Cybersecurity Requirements
  • Chapter 6: CAL-Oriented and Cybersecurity-Oriented Analyses (Annex F)
    • Cybersecurity Assurance Levels (CAL)
    • Usage of CALs
  • Chapter 7: Risk Assessment Methods (Clause 7)
    • Asset Identification
    • Vulnerability Analysis
    • Breakout Exercise 5: Vulnerability Analysis
    • Attack Feasibility Analysis
    • Risk Determination
    • Risk Treatment

SAE J3061 and ISO/SAE 21434:2019 Overview for Functional Safety Engineers

Search for Training

Course Keyword:

Series:

Start Date:

/ /

End Date:

/ /

Location:

Plantech-Omnex Partnership ppapandaudits