ISO21434 Automotive Cyber Security Red Belt Certification
Course Identifier: e31-001
CertX’s Cyber Security team developped this program to provide complete cyber security training course based upon the ISO21434 standard for Road Vehicle Cyber Security. During the two-day training program you will become familiar with relevant cyber security terminology and activities, you get an excellent understanding of the ISO21434 Standard and you will learn to apply your new knowledge and skills within the practice of your own organization.
The thirth day, a final exam can consolidate and validate your new skills.
Our course is structured based on a top-down approach allowing trainees to book one or multiple days tailored to their needs. However, the exam given the fifth day requires that all training days (1-to-2) have been followed by the trainee.
Day 1 – ISO21434 – Introduction to general cyber security and CSMS
Introduction to general cyber security
- Trends & threats
- Technologies and algorithms
- Alignment with FuSa (ISO26262)
Overall Cyber Security Management (Clause5)
- Risk Management
- Information sharings
- Confirmation measures
Project dependent Cyber Security Management (Clause 6)
- Tailoring of activities
- System / Component out of context
Post-development Phase (Clause 10-13)
Day 2 – ISO21434 – Applying the standard from the concept phase to the validation
Concept Phase (Clause 8)
- Cybersecurity Relevance
- Item Definition
- Threat Analysis and Risk Assessment (TARA)
- Cybersecurity Goals
- Cybersecurity Concept
- Cybersecurity Assurance Levels (CAL)
Risk Assessment Methods (Clause 7)
- Asset Identification
- Vulnerability Analysis
- Attack Feasibility Analysis
- Risk Determination
- Risk Treatment
Product Development I (Clause 9)
- Introduction to Design & Verification
- Cyber security requirements
- Cyber security design and controls
- Hardware development (model, design principles…)
- Software development (design principles, compliance, integration, testing…)
- Validation at Vehicle Level & Release for Post-Development (validation, assessment…)
Supporting Processes (Clause 14)
- Quality Management System
- Change Management
- Documentation Management
- Configuration Management
- Requirements Management
- Tool Management
- Distributed Cyber Security Activities
Day 3 – Exam
The exam will be taken at the end of the course.
In case the individual trainee achieves a minimum of 75% of the total score he/she will receive a certificate valid for a period of 3 years.
In case of non-achievement of the minimum score he/she will receive a confirmation of participation.
Upon the agreement of the individual we publish his/her certificate and validity on our registry accessible through our website.
Please find our additional resources below: