Introduction to ISO/SAE 21434 Road vehicles Cybersecurity

Introduction to ISO/SAE 21434 Road vehicles Cybersecurity (2 day course)

Date: 4-5/12/2024
Place: Onsite/online
Language: English or Swedish
Price: 2.000 EUR, 20.000 SEK, 14.000 DKK

Request more information

Magnus Kindberg (SE, NO)
Phone: +46 (0)40 59 22 22
magnus.kindberg@nohau.se

Heidi Lehtomäki – Finland
phone: +358 40 196 0142
heidi.lehtomaki@nohau.fi

Klaus Ahrensbach – Denmark
Phone: +45 3116 1019
ka@nohau.dk

Purpose

To give an introduction and overview of ISO/SAE 21434 content. Special focus on the early phases, such as risk assessment methods and concept development.

Goals

  • The participants shall get an overall understanding of
  • ISO/SAE 21434 structure and content.
  • Terminology and definitions.
  • Cybersecurity management including development of a ”Cybersecurity case”.
  • Continuous cybersecurity activities including vulnerability analysis.
  • Threat analysis and risk assessment including examples of risk assessment methods.
  • Cybersecurity requirements and cybersecurity concept.
  • Product development related to cybersecurity.
  • Cybersecurity validation.
  • Connection to ISO 26262.

Day 1

 

09:00     Introduction

  • What is cybersecurity?
  • UNECE regulation 155
  • ISO/SAE 21434
  • Comparison with ISO 26262

10:15              Break

10:30              Cybersecurity management

  • Overall cybersecurity management
  • Roles & culture
  • Process relation
  • Planning
  • Cybersecurity case
  • Off-the-shelf & out-of-context components
  • Item or component reuse
  • Audits & assessments

 

12:00              Lunch

13:00     Exercise and discussion

13:30     Distributed cybersecurity activities

  • Supplier capability
  • Request for quotation
  • Cybersecurity interface agreements
  • Alignment of responsibilities

 

13:50     Continual cybersecurity activities

  • Cybersecurity monitoring
  • Cybersecurity event assessment
  • Vulnerability analysis
  • Vulnerability management
  • Incident response

 

14:10     Break

14:30     Concept development (1)

  • Item definition

15:00     Exercise

15:30     Summary

16:00     End

 

Day 2

09:00     Introduction and recap from Day 1

09:30     Concept development (2) + Exercises

  • Cybersecurity goals (1)
    • Threat analysis and risk assessment (TARA)
    • Risk treatment

10:15     Break

  • Cybersecurity goals (2)
    • Cybersecurity goals
    • Cybersecurity claims
  • Cybersecurity concept

12:00     Lunch

13:00     Product development

  • Cybersecurity controls
  • System requirements
  • Architectural design
  • Software development
  • Vulnerability analysis
  • Integration and verification

13:45     Exercise

14:15     Break

14:30     Cybersecurity validation

  • Validation
  • Release for post-development

15:00                     Post-development

  • Production
  • Operations and maintenance
  • Cybersecurity incident response
  • End of support and decommissioning

15:30     Summary and conclusion

16:00     End

This course is in collaboration with our partner: Evidente

Önskar du mer information?

Behöver du en offert, information eller råd. Kontakta oss!