What is asset identification in automotive? Video course
Learn what asset identification for vehicle cybersecurity is, its purpose during the Threat Analysis and Risk Assessment process and the steps involved. Moreover, we will also explain how the CIA model helps identify cybersecurity relevant properties. You will also get recommendations on approaches to identify assets depending on the development phase.
Learn How to Perform Asset Identification Based on Recommended Practices
In order to define if an item requires security and is cybersecurity relevant, the asset identification is performed as the first step in the Threat Analysis and Risk Assessment process. In the “Asset Identification” video course, you will learn how to identify assets with the functional and technical approach, as well as how to define cybersecurity properties with the CIA model.
First, you will get an overview of the TARA process, where you will learn why exactly the asset identification is needed for further TARA activities. Then, we will define what the asset identification process according to ISO/SAE 21434 and what a cybersecurity asset is.
Next, we will introduce the functional and technical approaches to identify assets and explain for which development stage and scenarios they are recommended for. Additionally, we will also provide a suggested process and sources for asset identification for each approach based on previous project experience and best practices.
Then, we will define what a cybersecurity property is and how the CIA model is used to determine them and their role in asset identification. Here, we will also indicate if other attributes may be needed.
Finally, you will learn how the determination of assets is done and which considerations must be taken into account for the decision making involved.
Who the Asset Identification video course is made for
For professionals in sales and purchase
In asset identification it is important to understand the impact of stakeholders in cybersecurity relevant components. Therefore, with this video course, you will get a thorough understanding on the asset identification process and its impact on you as a stakeholder, if relevant.
For software and system engineers
This video course is useful for software and system engineers involved in automotive cybersecurity as it explains the first step in the Threat Analysis and Risk Assessment. You will also learn how the CIA model determines cybersecurity properties and which approach to use for asset identification.
Asset Identification – Video course content
In this part, we will introduce the asset identification in the context of the Threat Analysis and Risk Assessment process and the importance of learning objectives in this video course.
II. ISO/SAE 21434 Risk Assessment Process
In a quick visual overview of the TARA process, you will learn where the asset identification takes place and where it is further needed.
III. Asset Identification & Cybersecurity Asset
Get a thorough explanation of what the asset identification and cybersecurity asset are to enable a common understanding of the key terms.
IV. Functional safety vs technical approach for identifying assets
During this section, you will get a thorough explanation about the recommended approaches to identify assets, being the functional safety and technical approach.
Here, we will present the CYRES Consulting suggested process and sources for asset identification for both the functional and technical approach.
VI. Determination of Security Properties
Understand what the cybersecurity property and CIA model are, which is used for defining attributes worth protecting. We will also define what a cybersecurity asset is and illustrate when additional attributes might be needed with v2x vehicle communication.
VII. Determination of Impact on Security Attributes Loss
Following up on the previous section, here we will dive into how the determination of assets process looks like.
VIII. Asset Identification Outro
Lastly, we will recapitulate on the main lessons learned on this video course.