The focus is on implementation methods and instruments for the technical development and integration of cybersecurity measures. For example, risk assessment and security testing are dealt with in detail with a close look on individual software, hardware and system levels.
CYRES Academy stands for effective and practice-validated cybersecurity trainings for different target groups in the organization. Developed together with one of the world’s leading Tier 1 suppliers in the automotive industry and with more than 70 experts, the training format is considered state-of-the-art in the field of applied cybersecurity. Whether as a presence event in the Munich Highlight-Towers, in your organization or as on-demand or virtual live training.
Cybersecurity for Engineers and Developers
Cybersecurity for Management functions
In this training, executives are introduced to cybersecurity topics. Current legal regulations and guidelines are presented, knowledge and awareness of the relevance of cybersecurity measures are created, and the topic is embedded in individual organisational and strategy development.
Cybersecurity for Support functions
In this training, employees, e.g. from purchasing or quality management, are introduced to cybersecurity. Operational aspects in everyday life will be focused, as well as current legal regulations for the different business areas will be discussed.
LECTURE BLOCKS CONTENT
Cybersecurity is by far no temporary fashion. However, the automotive industry does not realize the importance of Cybersecurity for its organization, and particularly for its products.
Therefore, a large gap exists between the requirements that result from new standards and regulations, and the existing knowledge within the organization. This lecture block creates awareness about the importance of Cybersecurity, and highlights that Cybersecurity is not only an add-on.
Since the last couple of years, several automotive Cybersecurity standards have come into action.
The most prominent one is the ISO/SAE 21434, which is more or less the successor of the SAE J3061. Moreover, government bodies (such as the UN Regulations) try to define standards and regulations, focusing on providing Cybersecurity recommendations. For example, the set-up of a Cyber Security Management System (CSMS).
This lecture block gives an overview about different approaches, and shows different possibilities to acquire knowledge (e.g. conferences, public initiatives).
The automotive Cybersecurity ecosystem is vast with protocols such as the V2X (vehicle-to-everything) which provides help for self-driving cars.
V2X includes different protocols such as V2V (vehicle-to-vehicle), V2I (vehicle-to-infrastructure and V2C (vehicle-to-cloud) which play a crucial role on the path to autonomous driving.
This lecture block covers all different protocols in terms of V2X. Moreover, it shows the whole automotive product life cycle, and the impact Cybersecurity has.
The whole organization and all respective roles are needed to ensure Cybersecurity, and build measures to mitigate cyber-attacks or any other kind of breaches. This lecture blocks explains organizational measures.
It also offers advice on how to cope with Cybersecurity within individual projects. These measures are needed to ensure Cybersecurity is at its best, along the whole product lifecycle.
As electronic systems are getting more complex and expanding within more industries, it is becoming imperative that security is increased.
The training provided through this lecture block, highlights security needs that must be considered at early stages of system design.
Also, we shall elaborate on the security specifications of early stages of system design, by considering the current state of security modeling.
The target is to improve the security modelling in order to reach / reduce the gap between itself and the state-of-art in security modelling in academia.
Cybersecurity risk assessment as envisioned by ISO/SAE 21434, is a process where all possible cyber threats are evaluated for their potential impact, their likelihood of success, and their execution methods. The training provided through this lecture block is structured to emphasize the difference between information security and embedded security. Also, we elaborate on how to perform risk assessment in agile ways.
Although vehicle manufacturers, suppliers, and commercial fleet operators, are not responsible for designing each extended element (e.g. third-party services) of the ecosystem, vehicle designs generally can account for the insecurities introduced by interactions with these extended elements.
Lecture block 40, looks at how to manage Cybersecurity aspects within the product life cycle phases, however, this lecture block deeper enhances the topic on implementing security in each life cycle phase. Providing the ability to understand the security implementations, and patch the vulnerabilities that emerge during each phase or function that could enable incident response.
Cybersecurity controls are safeguards or countermeasures to avoid, detect, counteract, or minimize Cybersecurity risks to physical property, information, computer systems, or other assets.
The relevance is ever increasing to mitigate cyber-attacks. In this lecture block different countermeasures are presented along the different product levels. This includes product/system level controls, but also special HW and SW controls.
Several demonstrations have shown that the risks are more than theory. Facing these challenges, the training is structured to introduce potential automotive security attacks, and some important automotive security threats.
It is explained in more detail, how to identify and evaluate potential security threats for automotive IT components, based on theoretical security analyses and practical security testing. Cybersecurity testing is a new and emerging topic, therefore, needs special budget and resources to be planned in every organization.
Live Trainings, on-demand and Virtual Trainings
We also offer tailored training courses in which we combine or expand the contents according to your ideas.
Of course, we also conduct all training courses at your premises in German or English.
We will be pleased to make you an appropriate offer. For questions and further information please contact us firstname.lastname@example.org.
- Up-to-date training material based on ISO/SAE 21434
- Comprehensive training developed on clients’ needs in close cooperation
- Tailored and modular training structure
- Certified trainers with many years of experience in the engineering and automotive market
- Collaboration with other market experts
Strengthen knowledge, capabilities and practical know-how around Cybersecurity: Send us your training inquiry now
Please send us your request here
Whether certification training for your engineering or management teams (among others) or individual training, tailored to the requirements of your organization: With the CYRES Academy you can rely on practice-proven and effective cybersecurity trainings. As classroom format (also in-house at your location) or on-demand/virtual training.
Our didactically trained trainers offer trainings in German and English – worldwide.
Let us talk about your specific needs: Please simply use the contact form to send us your request. We will then contact you as soon as possible.