top of page

Introduction to ISO/SAE 21434 Road vehicles Cybersecurity

Price

Inquiry

Duration

2 Days

Introduction to ISO/SAE 21434 Road vehicles Cybersecurity

Purpose

To give an introduction and overview of ISO/SAE 21434 content. Special focus on the early phases, such as risk assessment methods and concept development.

Goals

  • The participants shall get an overall understanding of

  • ISO/SAE 21434 structure and content.

  • Terminology and definitions.

  • Cybersecurity management including development of a ”Cybersecurity case”.

  • Continuous cybersecurity activities including vulnerability analysis.

  • Threat analysis and risk assessment including examples of risk assessment methods.

  • Cybersecurity requirements and cybersecurity concept.

  • Product development related to cybersecurity.

  • Cybersecurity validation.

  • Connection to ISO 26262.

Day 1

 

09:00     Introduction

  • What is cybersecurity?

  • UNECE regulation 155

  • ISO/SAE 21434

  • Comparison with ISO 26262


10:15              Break


10:30              Cybersecurity management

  • Overall cybersecurity management

  • Roles & culture

  • Process relation

  • Planning

  • Cybersecurity case

  • Off-the-shelf & out-of-context components

  • Item or component reuse

  • Audits & assessments

 

12:00              Lunch


13:00     Exercise and discussion


13:30     Distributed cybersecurity activities

  • Supplier capability

  • Request for quotation

  • Cybersecurity interface agreements

  • Alignment of responsibilities

 

13:50     Continual cybersecurity activities

  • Cybersecurity monitoring

  • Cybersecurity event assessment

  • Vulnerability analysis

  • Vulnerability management

  • Incident response

 

14:10     Break


14:30     Concept development (1)

  • Item definition


15:00     Exercise


15:30     Summary


16:00     End

 


 

Day 2

09:00     Introduction and recap from Day 1


09:30     Concept development (2) + Exercises

  • Cybersecurity goals (1)

    • Threat analysis and risk assessment (TARA)

    • Risk treatment


10:15     Break

  • Cybersecurity goals (2)

    • Cybersecurity goals

    • Cybersecurity claims

  • Cybersecurity concept


12:00     Lunch


13:00     Product development

  • Cybersecurity controls

  • System requirements

  • Architectural design

  • Software development

  • Vulnerability analysis

  • Integration and verification


13:45     Exercise


14:15     Break


14:30     Cybersecurity validation

  • Validation

  • Release for post-development


15:00                     Post-development

  • Production

  • Operations and maintenance

  • Cybersecurity incident response

  • End of support and decommissioning


15:30     Summary and conclusion


16:00     End

Nohau Training Partner

This course is provided by a Nohau Training Partner, a trusted provider of hands-on training for professionals in embedded systems, software development, and engineering.

Nohau Training Partner
bottom of page