Topics: Advanced Technologies Risk assessments , Product development , Cybersecurity
Applying the new ISO/SAE 21434 Standard? This introductory course outlines the methods specified to assess cybersecurity risk to a road vehicle product in the context of ISO/SAE 21434. This risk-based methodology is a modular component of additional topics in the standard and a necessary concept to comprehend.
Managing Cybersecurity Risks Using ISO/SAE 21434 explains the methods and logic behind the standard and focuses on risk assessment as a basic principle that must be applied in all other areas of 21434. The course introduces risk terminology and provides a step-by-step method to collect information on a product to assess the risk of harm to a product’s stakeholders through cyber-capabilities. It also outlines the Threat Agent Risk Assessment (TARA) tool and describes methods for implementing a TARA to report risk when making decisions detailed in other aspects of ISO/SAE 21434. *Please note, this course does not replace the need to become familiar with the ISO/SAE 21434 standard, it supplements it.
After successfully completing this course, you will be able to:
ISO/SAE 21434 Standard is included with this course.
This course is geared towards electrical and software engineers, as well as engineers that are directly or indirectly tied to cybersecurity. It would also be appropriate for functional safety managers, product planners, designers, implementers, testers, operations analysts, regulators, and other managers.
Email CustomerService@sae.org, or call 1-877-606-7323 (U.S. and Canada) or 724-776-4970 (outside US and Canada).
Module 1: Risk Assessment
Module 2: Product Development
Module 3: Ongoing Operations
Module 4: Management System
Dr. David Ward is Senior Technical Manager, Functional Safety at HORIBA MIRA. In this role, he provides leadership in development and independent assessment of automotive electronic system safety, reliability and cybersecurity. Since joining HORIBA MIRA in the 1990s, Dr. Ward has been instrumental in industry activities to develop standards and guidance for automotive functional safety, beginning with the pioneering MISRA “Guidelines for Development of Vehicle Based Software” in 1994 and more recently as the UK Principal Expert to ISO/TC22/SC32/WG8 “Road Vehicles - Functional Safety”, which develops ISO 26262. Dr. Ward is an active contributor to the automotive industry's standard for cybersecurity ISO/SAE 21434 and prior to that contributed to SAE J3061. In recognition of his contribution to standardization in functional safety, he was awarded the Institute of Mechanical Engineers Award for Risk Reduction in 2013. Dr. Ward holds an MA degree in Natural Science from the University of Cambridge, a Ph.D. in Electrical Engineering from the University of Nottingham, UK and holds appointments as a Visiting Professor in Functional Safety at Coventry University, UK and in Engineering Design at the University of Leicester, UK.
Bill Mazzara serves on the SAE/ISO Joint Working Group for Road Vehicles Cybersecurity Engineering which has published ISO/SAE 21434DIS. He is also the chair of SAE Vehicle Electrical System Hardware Security Subcommittee which has published SAE J3101.
Having begun his career as a test engineer during the infancy of the connected car, Mazzara has witnessed and been a driving force in the evolution of the field, granted 29 related patents in the process. As it became apparent that the lack of cybersecurity was an unfortunate oversight of the connected car, Bill became part of the solution. Mazzara served on the response team charged with addressing what is widely considered one of the automotive industry’s first cybersecurity incidents against a passenger vehicle, the incident chronicled in 2010 study by researchers from the Universities of California San Diego and Washington.
A Certified Information Systems Security Professional(CISSP), Mazzara holds a bachelor’s degree in Electrical Engineering from the University of Notre Dame in addition to masters’ degrees in wireless communications and business administration.