Cybersecurity Measures in Software Development in Automotive
In this video course, you will learn about the secure software development considerations highlighted by ISO/SAE 21434:2021, including software validation and verification. By getting to know the proven and accepted guidelines and validation practices available you will not only be able to ensure security in your products, but also increase trust in your processes and organization.
Enhance your cybersecurity measures in software development by following industry standard practices
How does the effective implementation of secure software development align with ISO/SAE 21434 standards? This is the central theme of the introductory video course titled „Cybersecurity Measures in Software Development“.
We will start by illustrating the broader context of software development within the realm of product development, utilizing the well-recognized structure of the V-model.
In the initial section, you will navigate through ISO/SAE 21434:2021 requirements relevant to software development and aligning proven practices to ensure secure and high-quality software products.
Moving forward, the pivotal role of coding guidelines, rules, and standards will be highlighted. Next, we will introduce the Misra C standard, a recommended framework by ISO/SAE 21434:2021, while explaining its significance in enhancing software reliability and security. Sample rules from the standard are discussed, illustrating how they bolster code quality and diminish vulnerabilities.
Afterwards, we delve into the dynamic realm of code analysis, covering the benefits and capabilities of both static and dynamic code analysis techniques. In a side-by-side comparison, you will understand their distinct roles in identifying vulnerabilities and ensuring compliance with software requirements.
Moreover, the significance of Software Composition Analysis (SCA) in identifying vulnerabilities and managing third-party software risks is explained. Additionally, the course highlights memory checkers‘ role in identifying memory errors in C/C++ programs, supported by practical examples.
Lastly, you will get to know cybersecurity testing’s importance within automated frameworks like CI/CD and various testing types as part of the required software validation activities.
Who the „Cybersecurity Measures in Software Development“ video course is made for
Test Engineers and Developers
Professionals who deal with the implementation and validation of software development for vehicles should become familiar with measures recommended by the ISO/SAE 21434:2021. Proven practices and recommendations are shared in this video course.
System and Software Engineers
For professionals building and safeguarding systems, grasping cybersecurity verification and validation methods is vital. The awareness provided in this video course enables effective activity execution, analysis, and proof of product cybersecurity.
Cybersecurity measures in software development – Video course content
Recognize the importance and significance of implementing cybersecurity measures for software development in the automotive industry, as highlighted by the ISO/SAE 21434:2021.
II. Context of software implementation
Get a visual explanation on the product development process with the V-model structure. Understand how a system design is developed based on the cybersecurity concept and the important role integration and verification activities play in the implementation process.
III. Software development
Here, you will get a detailed interpretation of the ISO/SAE 21434:2021 requirements relevant for software developments, including recommendations and an introduction to measures to fulfill compliance.
IV. Coding guidelines, rules and standards
The first measure to achieve compliance is explained here. Learn what coding guidelines are from a security perspective. Get familiar with the Misra C standard, which is recommended by ISO/SAE 21434:2021, incl. some sample rules.
V. Static and dynamic code analysis
Learn how both code analysis can test the quality and requirements achieved by the software. In a side to side comparison, you will get an overview of how these code tests can detect vulnerabilities and get to know their advantages and shortcomings.
Understand how software composition analysis tools can help identify vulnerabilities and how it can mitigate the risks that come with open source software or 3rd party software.
VII. Memory checkers
Here, you will get to know how memory checkers can help detect common memory errors in C and C++ programs. Examples for common C++ issues are also provided, as well as a sample output of a memory checker to illustrate the explained memory checker’s functions.
VIII. Cybersecurity testing
Get familiar with this measure crucial to validate software development within automated frameworks including Continuous Integration (CI) and Continuous Deployment (CD) testing frameworks. Different types of testing within those frameworks are briefly covered.
To conclude this video course, the main takeaways for software implementation and validation measures will be wrapped up here.