OUR TRAININGS

Cybersecurity for Engineers and Developers

The focus is on implementation methods and instruments for the technical development and integration of cybersecurity measures. For example, risk assessment and security testing are dealt with in detail with a close look on individual software, hardware and system levels.

Cybersecurity for Management functions

In this training, executives are introduced to cybersecurity topics. Current legal regulations and guidelines are presented, knowledge and awareness of the relevance of cybersecurity measures are created, and the topic is embedded in individual organisational and strategy development.

Cybersecurity for Support functions

In this training, employees, e.g. from purchasing or quality management, are introduced to cybersecurity. Operational aspects in everyday life will be focused, as well as current legal regulations for the different business areas will be discussed.

LECTURE BLOCKS CONTENT

Cybersecurity Awareness

Cybersecurity is by far no temporary fashion. However, the automotive industry does not realize the importance of Cybersecurity for its organization, and particularly for its products.
Therefore, a large gap exists between the requirements that result from new standards and regulations, and the existing knowledge within the organization. This lecture block creates awareness about the importance of Cybersecurity, and highlights that Cybersecurity is not only an add-on.

Regulations, Standards & Initiatives

Since the last couple of years, several automotive Cybersecurity standards have come into action.

The most prominent one is the ISO/SAE 21434, which is more or less the successor of the SAE J3061. Moreover, government bodies (such as the UN Regulations) try to define standards and regulations, focusing on providing Cybersecurity recommendations. For example, the set-up of a Cyber Security Management System (CSMS).
This lecture block gives an overview about different approaches, and shows different possibilities to acquire knowledge (e.g. conferences, public initiatives).

Automotive Cybersecurity Ecosystem

The automotive Cybersecurity ecosystem is vast with protocols such as the V2X (vehicle-to-everything) which provides help for self-driving cars.
V2X includes different protocols such as V2V (vehicle-to-vehicle), V2I (vehicle-to-infrastructure and V2C (vehicle-to-cloud) which play a crucial role on the path to autonomous driving.
This lecture block covers all different protocols in terms of V2X. Moreover, it shows the whole automotive product life cycle, and the impact Cybersecurity has.

Cybersecurity Management

The whole organization and all respective roles are needed to ensure Cybersecurity, and build measures to mitigate cyber-attacks or any other kind of breaches. This lecture blocks explains organizational measures.
It also offers advice on how to cope with Cybersecurity within individual projects. These measures are needed to ensure Cybersecurity is at its best, along the whole product lifecycle.

Cybersecurity Development

As electronic systems are getting more complex and expanding within more industries, it is becoming imperative that security is increased.
The training provided through this lecture block, highlights security needs that must be considered at early stages of system design.
Also, we shall elaborate on the security specifications of early stages of system design, by considering the current state of security modeling.
The target is to improve the security modelling in order to reach / reduce the gap between itself and the state-of-art in security modelling in academia.

Cybersecurity Risk Assessment

Cybersecurity risk assessment as envisioned by ISO/SAE 21434, is a process where all possible cyber threats are evaluated for their potential impact, their likelihood of success, and their execution methods. The training provided through this lecture block is structured to emphasize the difference between information security and embedded security. Also, we elaborate on how to perform risk assessment in agile ways.

Cybersecurity Implementation

Although vehicle manufacturers, suppliers, and commercial fleet operators, are not responsible for designing each extended element (e.g. third-party services) of the ecosystem, vehicle designs generally can account for the insecurities introduced by interactions with these extended elements.

Lecture block 40, looks at how to manage Cybersecurity aspects within the product life cycle phases, however, this lecture block deeper enhances the topic on implementing security in each life cycle phase. Providing the ability to understand the security implementations, and patch the vulnerabilities that emerge during each phase or function that could enable incident response.

Cybersecurity Controls

Cybersecurity controls are safeguards or countermeasures to avoid, detect, counteract, or minimize Cybersecurity risks to physical property, information, computer systems, or other assets.
The relevance is ever increasing to mitigate cyber-attacks. In this lecture block different countermeasures are presented along the different product levels. This includes product/system level controls, but also special HW and SW controls.

Cybersecurity Testing

Several demonstrations have shown that the risks are more than theory. Facing these challenges, the training is structured to introduce potential automotive security attacks, and some important automotive security threats.
It is explained in more detail, how to identify and evaluate potential security threats for automotive IT components, based on theoretical security analyses and practical security testing. Cybersecurity testing is a new and emerging topic, therefore, needs special budget and resources to be planned in every organization.

680
Slides created
70
Experts involved in training validation
300
Pages of handout
2500
Hours invested in training development

IN-HOUSE TRAININGS

We also offer tailored training courses in which we combine or expand the contents according to your ideas.
Of course, we also conduct all training courses at your premises in German or English.
We will be pleased to make you an appropriate offer. For questions and further information please contact us academy@cyres-consulting.com.

    YOUR BENEFITS

    BENEFITS

    Up-to-date training material based on ISO/SAE 21434
    Comprehensive training developed on clients’ needs in close cooperation
    Tailored and modular training structure
    Certified trainers with many years of experience in the engineering and automotive market
    Collaboration with other market experts