This on-demand course explains the international standard ISO/SAE 21434 which specifies requirements for cybersecurity risk management regarding road vehicle electrical and electronic (E/E) systems.
The course gives a detailed explanation of the requirements in the ISO/SAE 21434 standard divided into 10 lessons covering overall cybersecurity requirements as well as requirements specific for each of the product lifecycle phases.
The participants will gain thorough understanding of the standard as well as its application and relationship to the UNECE Regulation No. 155/156 and other related standards such as ISO 24089 and ISO/PAS 5112.
Examples of continual cybersecurity activities such as vulnerability analyses and risk assessments are presented as well as lifecycle specific activities such as requirement specification, testing and static code analysis. The course also contains examples of how important parts of the standard may be applied.
01. Background and Overview (10 min)
02. Terminology (6 min)
03. Organizational cybersecurity management – Clause 5 (5 min)
04. Project dependent cybersecurity management and Distributed cybersecurity activities – Clause 6 and 7 (11 min)
05. Risk assessment – Clause 15 (13 min)
06. Continual cybersecurity activities – Clause 8 (7 min)
07. Product development Overview and Concept phase – Clause 9 and 11 (14 min)
08. Product development Design – Clause 10.4.1 (14 min)
09. Product development Integration & verification and Validation – Clause 10.4.2 and 11 (17 min)
10. Post-development – Clause 12-14 (6 min)
The course is suitable for both managers, project leaders and engineers involved in the development of cybersecure automotive E/E-systems.
Peter Folkesson has over 30 years of experience in the field of dependable computing and is currently a researcher at the Dependable Transport Systems unit at RISE Research Institutes of Sweden. He received his PhD degree in Computer Engineering from Chalmers University of Technology and his main research interests include the interplay between safety and cybersecurity as well as fault- and attack injection techniques for verification and validation of safety and cybersecurity.
He is a member of the Swedish working group SIS/TK240/AG11 focusing on automotive cybersecurity standardization and has been involved with the development of the ISO/SAE 21434 standard.
Pierre Kleberger is a Researcher in the Dependable Transport Systems Group at RISE Research Institutes of Sweden. Pierre has been genuinely interested in computer and network security for a long time and been in the automotive security domain since 2009. Pierre received his PhD degree in Computer Science and Engineering from Chalmers University of Technology in 2015 for research in securing the connected car. His research interests are in cybersecurity and interplay between safety and cybersecurity.
Pierre is also a member of the Swedish working group SIS/TK240/AG11 focusing on automotive cybersecurity standardization and has been involved with the development of the ISO/SAE 21434 standard.