In this video course, you will learn what the impact assessment is, what it contains, as well as its role and importance for the overall risk assessment activities, and how to identify and handle damage scenarios as the project progresses. Additionally, you will learn about the impact rating criteria as required by ISO/SAE 21434 for each impact category. Of course, no one wants an attack to happen, but conducting systematic analysis of scenarios is essential to establish cybersecurity. This is exactly what is done at the Impact Assessment during the Risk Assessment process. In this video course “Impact Assessment”, you will learn how to conduct an impact assessment and give you an overview of the required information, including requirements from ISO/SAE 21434. To start with, we will define what the impact assessment is, also by having a look at its place and role during the overall ISO/SAE 21434 risk assessment process. Next, we will explain what damage scenarios are and you will get recommendations on how to identify the outcomes and how to progress during the project stages. After you understand the main role of the impact assessment and inputs, we will go back to the main topic of this video course and give you an overview of what the impact assessment is and present the inputs and outcomes. Next, we will introduce the impact categories and their impact rating criteria. This section in the video course is important, as ISO/SAE 21434 requires to assess the impact rating for all the introduced impact categories. To give you a better understanding, we will also provide an illustrative example of an impact assessment and the required impact rating assessment considering all categories. After watching this video course, you will be able to estimate negative consequences of the product if cybersecurity issues arise by knowing how to conduct an impact assessment. Therefore, you will be able to provide an estimate of the importance of securely protecting the product. While you might be familiar with the Impact Analysis term from Functional safety, ISO/SAE 21434 requires additional categories and impact rating criteria for conducting an impact assessment and impact rating criteria necessary for the risk value calculation. Learn about them in this video course. In this section, we will introduce what the Impact Assessment is, the learning objectives of this video course and why they are important. II. ISO/SAE 21434 Risk Assessment Process Recognize where the impact assessment takes place in the overall risk assessment process defined by ISO/SAE 21434 and its role for following activity, risk determination. III. Damage scenarios Learn what damage scenarios are, as well as steps and recommendations to handle damage scenarios depending on the project stage. IV. Impact Assessment: an overview Understand what the impact assessment is and how it should be done for each stakeholder. You will also learn the input and output of the impact assessment. V. Impact categories Here, we will define what the previously introduced impact categories are. Get to know what the ISO/SAE 21434 requires in impact rating criteria and the what the rating values are. VII. Impact Assessment: an example Reinforce what you just learned with an illustrative example in the context of automotive cybersecurity. VIII. Impact rating criteria: a closer look Here, we will go over the different impact rating criteria and verbal descriptions of impact levels for safety, financial, operational, and privacy, taking the previous example in mind. IX. The Impact Assessment and Threat Analysis Get an overview on how the impact assessment and threat analysis outputs enable the risk determination. We recommend watching the “Threat Analysis in automotive” video course. X. Lessons learned on Impact Assessment At last, we will once more go over the main lessons learned during the “Impact Assessment” video course.Impact Assessment on Vehicle Cybersecurity – Video course
Learn how to conduct an impact assessment and define damage scenarios according to ISO/SAE 21434
Who the Impact Assessment video course is made for
For software engineers
For system engineers
Impact Assessment – Video course content
More video courses related to Impact Assessment
Attack Path and Feasibility Analysis
Learn how to perform an attack path using a top down approach with a linear attack path structure, as well as a feasibility analysis in this video course.
Risk Determination and Treatment
Learn about risk determination and treatment in TARA in this video course. This video course concludes our cybersecurity risk assessment module as these are the last two TARA steps.
Impact Assessment on Vehicle Cybersecurity
Learn what is the impact assessment, what are damage scenarios and what are the required by ISO/SAE 21434 impact rating criteria and values in this video course.
Threat Analysis in Automotive
Learn the steps of the Threat Analysis and the recommended STRIDE model, used not only in automotive but also in other industries with this video course.
Asset Identification in automotive
Learn the steps for vehicle asset identification, determination of assets, and CIA model in this video course. You will also get suggested approaches based on proven experience.
Cybersecurity Risk Assessment Summary
The Cybersecurity Risk Assessment video course gives a concise overview of Cybersecurity Risk Assessment, also known as Threat Analysis and Risk Assessment.
Understand what the impact assessment involves and what ISO/SAE 21434 requires for impact rating criteria
I. Introduction to Impact Assessment
VI. Impact rating criteria
