Certified Professional Level Training for Automotive Cyber Security based on ISO 21434

The automotive industry is constantly confronted with new quality requirements due to increasing digitisation, networking and automation of vehicles. Series vehicles and their components must be developed, taking automotive cybersecurity into account. It will substantially impact vehicle development and the entire life cycle.

During this interactive automotive cybersecurity course, participants will gain in-depth knowledge of various requirements for automotive cyber security standard ISO 21434. The participants would understand the connection between the threat and risk analysis, security concept, stakeholders' expectations, security specification, and verification and validation concept over the complete life cycle.

The ISO 21434 certification concept behind the training comprises a multi-stage qualification and practical approach considering implementation aspects in the industry.

The ISO/SAE 21434 training is a comprehensive 3-day program covering basic to advanced industry concepts. Once you complete the training successfully, you will be awarded with a Certified Automotive Cybersecurity Practitioner (CACSP) Certificate. Here is a brief outline of the automotive cybersecurity training program.

• What and why is it important?
• Case studies and analysing the current cybersecurity threats & challenges in the automotive domain
• Security vs Safety

• Automotive Electronics and advancements
• Attack vectors and potential vulnerabilities and risks in automotive systems
• Goals of cybersecurity (authenticity, integrity, confidentiality, availability)

• Relationship to ISMS
• Learning from best practices and guidelines
• UNECE WP.29 regulation No. [155] (CSMS); No. [156] (SUMS)

• Structure of the standard including provisions, objectives and annexes

• ISO/SAE21434 Management (Clause 5 & Clause 6) (L/D/E) - Organisation level & Project-dependent Cybersecurity Management. Aligning organizational processes with ISO-21434 standards
• Distributed Cybersecurity Activities (Clause 7) (L/D/E) - Coordinating cybersecurity efforts with other entities in automotive supply chain
• Continual Cybersecurity Activities (Clause 8) (L/D) - Continuous risk management strategies to mitigate cybersecurity risks effectively
• Concept phase (Clause 9, Clause 15) (L/D/E) - Item definition, Security concepts, determination of security objectives and derivation of cybersecurity requirements. Threats and Threat Modelling, the seven steps of carrying out a risk assessment and an example of how to estimate risks using TARA and how to deal with these risks. A practical exercise to walk through a risk assessment step by step.
• Product development and validation (Clause 10 & Clause 11) (L/D) - Reference to the V Model, activities on both sides of the V Model, system, software and hardware development, verification and validation
• Post-Development Phases (Clauses 12-14) (L/D)
• Production, Operation, Maintenance, and Decommissioning
• Cybersecurity Testing Approaches: Vulnerability Analysis, Penetration testing and Fuzz testing (L/D)

1) Introduction to Cryptography
2) Key Management & Security at hardware level: HSM, SHE modules
3) Security features and its realization with use cases

Manager, software developers, hardware developers, project leaders, quality representatives, test engineers and all who are involved in Automotive Cybersecurity

• Recognize and identify cybersecurity aspects from conceptual level to its implementation. 
• Hands-on experience on secure internal communication, diagnostics and boot loader.
• Hands-on experience on how to perform cybersecurity verification and validation.
• Plan, monitor, execute and assess product development based on ISO 21434 standard.
• Work as a cybersecurity professional at OEM, tier 1 and supplier's end.

Duration: 120 mins

Details: Multiple Choice Questions

Certification

Candidates who successfully pass the examination will be awarded Certified Automotive Cybersecurity Practitioner (CACSP) certificate.

1. When can I get the certificate?
Certified Automotive Cybersecurity Practitioner (CACSP) certification will be issued within 21 working days from the examination date.

2. When can I get the training material and invite?
One day before the commencement of the training program.

3. How do I pay the fees for training and examination?
Online mode

4. What is automotive cyber security?
Automotive cybersecurity ensures the protection and safety of communication networks, electronic systems, control algorithms, users, software, and underlying data from any cyber-attacks. These malicious attacks could cause unauthorised access, manipulation, and damage if left unprotected.

5. What are the benefits of the Certified Automotive Cybersecurity Practitioner (CACSP) Program?

• Recognise and identify cybersecurity aspects from conceptual level to its implementation. 
• Hands-on experience on secure internal communication, diagnostics and boot loader.
• Hands-on experience on how to perform cybersecurity verification and validation.
• Plan, monitor, execute and assess product development based on ISO 21434 standard.
• Work as a cybersecurity professional at OEM, tier 1 and supplier's end.

6. What will be the impact of cyber security on the vehicle infotainment system?

Malicious attacks can access a vehicle’s networks through the OBD-II ports, compromised ECUs, and infotainment systems. As a result, they could access personal information and even damage a vehicle’s components leading to safety risks.

Automotive cybersecurity training helps ensure the security of telecommunication networks, electronic components, control algorithms, users, software, and underlying data in the event of cyber-attacks.

7. Why cybersecurity is important in automotive?
Every time you write a code on an automobile’s ECU, there is a risk of a malicious cyber-attack. This could damage the vehicle and even compromise personal information. The ISO 21434 training helps you deal with such challenges effectively.

8. Is there any refund policy for the paid fees?
Please refer to Cancellation and Refund policy page.