SAE J3061 and ISO 21434:2020 Automotive Cybersecurity Certification
Home > ISO Training > SAE J3061 and ISO 21434:2020 Automotive Cybersecurity Certification
Seminar Content
This five-day seminar covers all 14Clauses of the ISO 21434 standard to give those attending the information necessary to understand the standard, and move your organization toward conformance.. An overview of ISO 27001, United Nations (UN) regulation WP.29, and VDA ACMS (Automotive Cybersecurity Management System) will also be provided. ISO 21434 is the draft cybersecurity standard that is applied to Cybersecurity Related Systems that include electric/electronic, wired and wireless communication systems installed in production passenger vehicles. The course combines presentations with hands-on work and is conducted in English. There is an optional ISO 21434 Certification exam at the end of the class for those wanting to demonstrate and document their knowledge.
This course combines presentations, along with in-class group exercises to put what you are learning into practice. Concepts are reinforced by a running case study of an air bag system. Forms are used to complete the exercises as a part of the integrated workshops that include Item Definition, Threat Analysis and Risk Assessment (TARA), Cybersecurity Goals, CAL levels, Cybersecurity Concept, and Hardware/Software Interface.
Who Should Attend
Those involved in the design, development, and production of electrical and electronic based vehicle products, including the systems, software and hardware engineers, and managers. Basically, all those responsible for the development and implementation of hardware and software systems in motor vehicles.
Participants should be, or plan to be, actively managing, or involved in, or aware of electrical and/or electronic items, systems, or elements that are incorporated in motor vehicles. And have the abilities, education, and experience required for the above roles.
Recommended Training and/or Experience
Participants should be involved in or aware of software and hardware development as it relates to the motor vehicle industry.
Seminar Materials
Each participant will receive a seminar manual including case studies.
Seminar Goals
- Tailor the necessary activities to support vehicle cybersecurity lifecycle management, development, production, operation, service, and decommissioning
- Information provided in the class can be used for ISO 21434 implementation
- Understand cybersecurity aspects of the entire development process including requirements specification, design, implementation, integration, verification, validation, and configuration.
- Understand the risk-based approach for determining risk classes cybersecurity assurance levels (CALs)
- Use CALs for achieving an acceptable residual risk
- Provide requirements for validation and confirmation measures to ensure a sufficient and acceptable level of cybersecurity is being achieved.
Daily Agenda (approximate, based on class discussions)
Day One
- Chapter 1: Introduction and Overview to ISO 21434, ISO 27001, WP.29, and VDA ACMS.
- ISO 21434 Purpose, Scope and Framework
- Chapter 2: Overall Cybersecurity Management (Clause 5)
- Cybersecurity Governance
- Cybersecurity Culture
- Cybersecurity Risk Management
- Cybersecurity Audit
- Information sharing
- Confirmation Measures
- Chapter 3: Project Dependent Cybersecurity Management (Clause 6)
- Tailoring of Cybersecurity Activities
- System or Component out of Context
- Cybersecurity Planning
- Cybersecurity Case
- Breakout Exercise 1: Safety Case Outline
- Chapter 4: Post-Development Phases (Clauses 10-13)
- Production, Operation, Maintenance, and Decommissioning
- Chapter 5: Concept Phase (Clause 8)
- Cybersecurity Relevance
- Item Definition
- Breakout Exercise 2: Item Definition
Day Two
- Chapter 5: Concept Phase (Clause 8) (cont’d)
- Threat Analysis and Risk Assessment (HARA)
- Breakout Exercise 3: Threat and Risk Analysis
- Cybersecurity Goals
- Cybersecurity Concept
- Breakout Exercise 4: Cybersecurity Requirements
- Chapter 6: CAL-Oriented and Cybersecurity-Oriented Analyses (Annex F)
- Cybersecurity Assurance Levels (CAL)
- Usage of CALs
- Chapter 7: Risk Assessment Methods (Clause 7)
- Asset Identification
- Vulnerability Analysis
- Breakout Exercise 5: Vulnerability Analysis
- Attack Feasibility Analysis
- Risk Determination
- Risk Treatment
Day Three
- Chapter 8: Product Development I (Clause 9.1)
- Introduction to Design & Verification
- Structure of Cybersecurity Requirements
- Refined Cybersecurity Design
- Cybersecurity Controls
- Design Principles
- Chapter 9: Product Development II (Clause 9.1)
- Hardware Development
- Reference Model
- Hardware Design Principles
- Chapter 10: Product Development III (Clause 9.1)
- Software Development I
- Design Principles
- Breakout Exercise 6: Walkthrough vs. Inspection
- Design Verification
Day Four
- Chapter 11: Product Development IV (Clause 9.1)
- Software Development II
- Verification Compliance
- Testing Environments
- Item Integration and Testing
- System Integration and Testing
- Test Cases
- Chapter 12: Validation at Vehicle Level & Release for Post-Development (Clauses 9.2 & 9.3)
- Cybersecurity Validation
- Cybersecurity Assessment
- Breakout Exercise 6: Developing a Cybersecurity Case
- Release for Post-Development
Day Five
- Chapter 13: Supporting Processes (Clause 14)
- Quality Management Systems
- Change Management
- Documentation Management
- Configuration Management
- Requirements Management
- Verification
- Breakout Exercise 8: Confidence in Management Systems
- Tool Management
- Distributed Cybersecurity Activities
- Chapter 14: ISO 21434 Implementation Strategy
Optional ISO 21434Certification Exam – Final 3 hours of Day Five
Note: The materials will include SAE J3061 content as applicable. Contact Omnex for the Auditor and Assessor Competencies and Learning Objectives of this course.
Three Levels of Certification
Level 1
Cybersecurity Engineer
|
Knowledge Requirements:
- • 1 week of Cybersecurity training and candidates must pass a three hour final exam.
- Prerequisites:
- • •At least 3 years of relevant professional experience,
|
Level 2
Cybersecurity Engineer Professional
|
Knowledge Requirements:
- • 1 week of Cybersecurity training and candidates must pass a three hour final exam.
Prerequisites:
- • One case study demonstrating experience in Cybersecurity which can be verified. The case study should show a broad understanding fromCybersecurityPlan to Cybersecurity Case (work products)
- • Interview
- • At least 5 years of relevant industry experience.
|
Level 3
Cybersecurity Expert
|
Knowledge Requirements:
- • 1 week of Cybersecurity training and candidates must pass a three hour final exam.
Prerequisites:
- • Two case studies demonstrating ability to do confirmation measures, evidence of communication.
- • Interview
- • At least 10 years of relevant industry experience.
|
Related Courses
|
Advanced Statistical Process Control (SPC)
|
Manufacturing Process Development using PFMEA (Process Flow, PFMEA, Control Plan, Part & Process Approval)
|
Basic Statistical Process Control (SPC)
|
Understanding Core Tools - (APQP, PPAP, DFMEA, DVP&R, PFMEA, Control Plan, SPC and MSA)
|
FMEA 4th Edition Update
|
Implementing MMOG with IATF 16949:2016
|
Measurement Systems Analysis (MSA) and Advanced Analysis (ANOVA)
|
Production Part Approval Process (PPAP) Workshop with IATF 16949:2016
|
Total Productive Maintenance (TPM)
|
Understanding Core Tools - APQP & PPAP
|
Understanding Core Tools - DFMEA & DVP&R
|
Understanding Core Tools - PFMEA & Control Plan
|
Understanding Core Tools - Statistical Process Control (SPC)
|
Understanding Core Tools - Measurement Systems Analysis (MSA)
|
Production Part Approval Process (PPAP 4th Edition)
|
APQP, FMEA and Control Plans (New Revision)
|
APQP 2nd Edition
|
Effective Problem Solving
|
7QC
|
APQP/PPAP
|
Machine Failure Mode Effect Analysis (MFMEA)
|
Understanding AIAG Sub-tier Supplier Management (CQI-19)
|
Advanced Product Quality Planning (APQP) Overview
|
Understanding the Five Phases of APQP
|
APQP Manufacturing Process Development using PFMEA and PPAP
|
Product Development using SFMEA, DFMEA and Associated Tools
|
Measurement Systems Analysis(MSA) and Statistical Process Control (SPC)
|
Conducting Internal and Supplier (Second Party) Audits to Automotive SPICE
|
AIAG-VDA Product FMEA Overview
|
AIAG-VDA DFMEA (SFMEA and DFMEA) for Practitioners and Facilitators
|
AIAG-VDA FMEA for Managers and Implementers – Implementation Training
|
AIAG-VDA FMEA Understanding, Implications, and Strategy Executive Overview
|
AIAG-VDA Process FMEA and Control Plans for Practitioners and Facilitators
|
Understanding AIAG-VDA DFMEA (SFMEA and DFMEA) for Design and Project Team Members
|
Understanding AIAG-VDA Process FMEA and Control Plans for Process and Project Team Members
|
Product Integrity for the Product Safety & Conformance Representative (PSCR)
|
SAE J3061, ISO 21434:2020, and Related Standards: Automotive Cybersecurity Executive Overview
|
SAE J3061,ISO/SAE 21434:2020, and Related Standards: Overview for Functional Safety Engineers
|
SAE J3061 and ISO 21434:2020 Cybersecurity Engineering Defense & Protection Against Attacks
|
SAE J3061 and ISO 21434:2020 Automotive Cybersecurity Auditing and Assessment Certification
|
SAE J3061 and ISO 21434:2020 Conducting a Cybersecurity FMEA and Vulnerability Analysis Testing for Systems, Hardware and Software
|
SAE J3061 and ISO 21434:2020 Cybersecurity Threat Analysis and Risk Assessment (TARA)
|
Introduction to Autonomous and Electric Vehicles: A Functional Safety, SOTIF, and Cybersecurity Perspective
|
Reverse Failure Mode and Effect Analysis – RFMEA
|
Introduction to Systems Engineering: A Safety and Cybersecurity Perspective
|
Writing Effective Requirements, Test Cases, and H/S Interfaces for Cybersecurity
|
Preparing a Cybersecurity Case
|
Transitioning to BS VI Understanding and Strategising
|
Root Cause Analysis (RCA) - AIAG Approved
|
Minitab Tools- AIAG Approved
|
Multipoint DFMEA for Mechatronic and Electronic Systems using AIAG FMEA 4th Edition
|
Writing Effective Requirements and Test Cases for Automotive Software Performance Improvement and Capability Determination (ASPICE) and HWE PRM/PAM
|
Writing Effective Requirements and Test Cases
|
Multipoint DFMEA for Mechatronic and Electronic Systems using the AIAG-VDA FMEA Handbook Methodology
|
Understanding Core Tools (APQP/PPAP, DFMEA, DVP&R, SPC and MSA) Following the AIAG FMEA 4th Edition Methodology
|
Understanding Core Tools (APQP/PPAP, PFMEA, Control Plans, SPC and MSA) Following the AIAG FMEA 4th Edition Methodology
|
Understanding Core Tools (APQP/PPAP, DFMEA, DVP&R, SPC and MSA) Following the AIAG-VDA FMEA 1st Edition Methodology
|
Understanding Core Tools (APQP/PPAP, PFMEA, Control Plans, SPC and MSA) Following the AIAG-VDA FMEA 1st Edition Methodology
|
WP.29, ISO21434, and VDA CSMS - Automotive Cybersecurity Management Systems
|
Related Courses
|
Advanced Statistical Process Control (SPC)
|
Manufacturing Process Development using PFMEA (Process Flow, PFMEA, Control Plan, Part & Process Approval)
|
Basic Statistical Process Control (SPC)
|
Understanding Core Tools - (APQP, PPAP, DFMEA, DVP&R, PFMEA, Control Plan, SPC and MSA)
|
FMEA 4th Edition Update
|
Implementing MMOG with IATF 16949:2016
|
Measurement Systems Analysis (MSA) and Advanced Analysis (ANOVA)
|
Production Part Approval Process (PPAP) Workshop with IATF 16949:2016
|
Total Productive Maintenance (TPM)
|
Understanding Core Tools - APQP & PPAP
|
Understanding Core Tools - DFMEA & DVP&R
|
Understanding Core Tools - PFMEA & Control Plan
|
Understanding Core Tools - Statistical Process Control (SPC)
|
Understanding Core Tools - Measurement Systems Analysis (MSA)
|
Production Part Approval Process (PPAP 4th Edition)
|
APQP, FMEA and Control Plans (New Revision)
|
APQP 2nd Edition
|
Effective Problem Solving
|
7QC
|
APQP/PPAP
|
Machine Failure Mode Effect Analysis (MFMEA)
|
Understanding AIAG Sub-tier Supplier Management (CQI-19)
|
Advanced Product Quality Planning (APQP) Overview
|
Understanding the Five Phases of APQP
|
APQP Manufacturing Process Development using PFMEA and PPAP
|
Product Development using SFMEA, DFMEA and Associated Tools
|
Measurement Systems Analysis(MSA) and Statistical Process Control (SPC)
|
Conducting Internal and Supplier (Second Party) Audits to Automotive SPICE
|
AIAG-VDA Product FMEA Overview
|
AIAG-VDA DFMEA (SFMEA and DFMEA) for Practitioners and Facilitators
|
AIAG-VDA FMEA for Managers and Implementers – Implementation Training
|
AIAG-VDA FMEA Understanding, Implications, and Strategy Executive Overview
|
AIAG-VDA Process FMEA and Control Plans for Practitioners and Facilitators
|
Understanding AIAG-VDA DFMEA (SFMEA and DFMEA) for Design and Project Team Members
|
Understanding AIAG-VDA Process FMEA and Control Plans for Process and Project Team Members
|
Product Integrity for the Product Safety & Conformance Representative (PSCR)
|
SAE J3061, ISO 21434:2020, and Related Standards: Automotive Cybersecurity Executive Overview
|
SAE J3061,ISO/SAE 21434:2020, and Related Standards: Overview for Functional Safety Engineers
|
SAE J3061 and ISO 21434:2020 Cybersecurity Engineering Defense & Protection Against Attacks
|
SAE J3061 and ISO 21434:2020 Automotive Cybersecurity Auditing and Assessment Certification
|
SAE J3061 and ISO 21434:2020 Conducting a Cybersecurity FMEA and Vulnerability Analysis Testing for Systems, Hardware and Software
|
SAE J3061 and ISO 21434:2020 Cybersecurity Threat Analysis and Risk Assessment (TARA)
|
Introduction to Autonomous and Electric Vehicles: A Functional Safety, SOTIF, and Cybersecurity Perspective
|
Reverse Failure Mode and Effect Analysis – RFMEA
|
Introduction to Systems Engineering: A Safety and Cybersecurity Perspective
|
Writing Effective Requirements, Test Cases, and H/S Interfaces for Cybersecurity
|
Preparing a Cybersecurity Case
|
Transitioning to BS VI Understanding and Strategising
|
Root Cause Analysis (RCA) - AIAG Approved
|
Minitab Tools- AIAG Approved
|
Multipoint DFMEA for Mechatronic and Electronic Systems using AIAG FMEA 4th Edition
|
Writing Effective Requirements and Test Cases for Automotive Software Performance Improvement and Capability Determination (ASPICE) and HWE PRM/PAM
|
Writing Effective Requirements and Test Cases
|
Multipoint DFMEA for Mechatronic and Electronic Systems using the AIAG-VDA FMEA Handbook Methodology
|
Understanding Core Tools (APQP/PPAP, DFMEA, DVP&R, SPC and MSA) Following the AIAG FMEA 4th Edition Methodology
|
Understanding Core Tools (APQP/PPAP, PFMEA, Control Plans, SPC and MSA) Following the AIAG FMEA 4th Edition Methodology
|
Understanding Core Tools (APQP/PPAP, DFMEA, DVP&R, SPC and MSA) Following the AIAG-VDA FMEA 1st Edition Methodology
|
Understanding Core Tools (APQP/PPAP, PFMEA, Control Plans, SPC and MSA) Following the AIAG-VDA FMEA 1st Edition Methodology
|
WP.29, ISO21434, and VDA CSMS - Automotive Cybersecurity Management Systems
|
|
|