SAE J3061 and ISO 21434:2019 Automotive Cybersecurity Certification

Seminar Content

This five-day seminar covers all 14 Clauses of the ISO 21434 standard to give attendees the information necessary to understand the standard and move their organization toward conformance. ISO 21434 is the draft cybersecurity standard that is applied to Cybersecurity Related Systems that include electric/electronic, wired and wireless communication systems installed in production passenger vehicles. The course combines presentations with hands-on work and is conducted in English. There is an optional ISO 21434 Certification exam at the end of the class for those wanting to demonstrate and document their knowledge.

This course combines presentations with in-class group exercises that put what you are learning into practice. Concepts are reinforced by a running case study of an air bag system. Forms are used to complete the exercises as part of the integrated workshops, which include Item Definition, Threat Analysis and Risk Assessment (TARA), Cybersecurity Goals, CAL levels, Cybersecurity Concept, and Hardware/Software Interface.

Who Should Attend

Those involved in the design, development, and production of electrical and electronic based vehicle products, including the systems, software and hardware engineers, and managers. Basically, all those responsible for the development and implementation of hardware and software systems in motor vehicles.

Participants should be, or plan to be, actively managing, involved in, or aware of electrical and/or electronic items, systems, or elements that are incorporated in motor vehicles, and should have the abilities, education, and experience required for the above roles.

Recommended Training and/or Experience

Participants should be involved in or aware of software and hardware development as it relates to the motor vehicle industry.

Seminar Materials

Each participant will receive a seminar manual including case studies.

Seminar Goals

  • Tailor the necessary activities to support vehicle cybersecurity lifecycle management, development, production, operation, service, and decommissioning
  • Information provided in the class can be used for ISO 21434 implementation
  • Understand cybersecurity aspects of the entire development process including requirements specification, design, implementation, integration, verification, validation, and configuration.
  • Understand the risk-based approach for determining risk classes cybersecurity assurance levels (CALs)
  • Use CALs for achieving an acceptable residual risk
  • Provide requirements for validation and confirmation measures to ensure a sufficient and acceptable level of cybersecurity is being achieved.

Daily Agenda (approximate, based on class discussions)

Day One

  • Chapter 1: Introduction and Overview to ISO 21434
    • ISO 21434 Purpose, Scope and Framework
  • Chapter 2: Overall Cybersecurity Management (Clause 5)
    • Cybersecurity Governance
    • Cybersecurity Culture
    • Cybersecurity Risk Management
    • Cybersecurity Audit
    • Information sharing
    • Confirmation Measures
  • Chapter 3: Project Dependent Cybersecurity Management (Clause 6)
    • Tailoring of Cybersecurity Activities
    • System or Component out of Context
    • Cybersecurity Planning
    • Cybersecurity Case
    • Breakout Exercise 1: Safety Case Outline
  • Chapter 4: Post-Development Phases (Clauses 10-13)
    • Production, Operation, Maintenance, and Decommissioning
  • Chapter 5: Concept Phase (Clause 8)
    • Cybersecurity Relevance
    • Item Definition
    • Breakout Exercise 2: Item Definition

Day Two

  • Chapter 5: Concept Phase (Clause 8) (cont’d)
    • Threat Analysis and Risk Assessment (TARA)
    • Breakout Exercise 3: Threat and Risk Analysis
    • Cybersecurity Goals
    • Cybersecurity Concept
    • Breakout Exercise 4: Cybersecurity Requirements
  • Chapter 6: CAL-Oriented and Cybersecurity-Oriented Analyses (Annex F)
    • Cybersecurity Assurance Levels (CAL)
    • Usage of CALs
  • Chapter 7: Risk Assessment Methods (Clause 7)
    • Asset Identification
    • Vulnerability Analysis
    • Breakout Exercise 5: Vulnerability Analysis
    • Attack Feasibility Analysis
    • Risk Determination
    • Risk Treatment

Day Three

  • Chapter 8: Product Development I (Clause 9.1)
    • Introduction to Design & Verification
    • Structure of Cybersecurity Requirements
    • Refined Cybersecurity Design
    • Cybersecurity Controls
    • Design Principles
  • Chapter 9: Product Development II (Clause 9.1)
    • Hardware Development
    • Reference Model
    • Hardware Design Principles

  • Chapter 10: Product Development III (Clause 9.1)
    • Software Development I
    • Design Principles
    • Breakout Exercise 6: Walkthrough vs. Inspection
    • Design Verification

Day Four

  • Chapter 11: Product Development IV (Clause 9.1)
    • Software Development II
    • Verification Compliance
    • Testing Environments
    • Item Integration and Testing
    • System Integration and Testing
    • Test Cases
  • Chapter 12: Validation at Vehicle Level & Release for Post-Development (Clauses 9.2 & 9.3)
    • Cybersecurity Validation
    • Cybersecurity Assessment
    • Breakout Exercise 6: Developing a Cybersecurity Case
    • Release for Post-Development

Day Five

  • Chapter 13: Supporting Processes (Clause 14)
    • Quality Management Systems
    • Change Management
    • Documentation Management
    • Configuration Management
    • Requirements Management
    • Verification
    • Breakout Exercise 8: Confidence in Management Systems
    • Tool Management
    • Distributed Cybersecurity Activities
  • Chapter 14: ISO 21434 Implementation Strategy

Optional ISO 21434 Certification Exam – Final 3 hours of Day Five

Three Levels of Certification

Level 1

Cybersecurity Engineer Provisional (CSEP)

Knowledge Requirements:

  • One week of Automotive Cybersecurity Training and pass the ISO 21434 Certification exam.

Prerequisites:

  • At least three years of relevant professional experience, an engineering degree or work experience equivalency with degree.

Level 2

Cybersecurity Engineer (CSE)

Knowledge Requirements:

  • One week of Automotive Cybersecurity Training and pass the ISO 21434 Certification exam.

Prerequisites:

  • Submit a case study demonstrating experience in Automotive Cybersecurity that can be verified. The case study should demonstrate a broad understanding from Cybersecurity Plan to Cybersecurity Case (work products).
  • Interview with an Omnex Cybersecurity Expert.
  • At least five years of relevant industry experience.

Level 3

Cybersecurity Expert (CSX)

Knowledge Requirements:

  • One week of Automotive Cybersecurity Training and pass the ISO 21434 Certification exam.

Prerequisites:

  • Submit two case studies demonstrating the ability to conduct confirmation reviews, evidence of communication and a broad understanding from Cybersecurity Plan to Cybersecurity Case.
  • Interview with an Omnex Cybersecurity Expert.
  • At least five years of relevant industry experience.
