Impact Assessment on Vehicle Cybersecurity – Video course
In this video course, you will learn what the impact assessment is, what it contains, as well as its role and importance for the overall risk assessment activities, and how to identify and handle damage scenarios as the project progresses. Additionally, you will learn about the impact rating criteria as required by ISO/SAE 21434 for each impact category.
Learn how to conduct an impact assessment and define damage scenarios according to ISO/SAE 21434
Of course, no one wants an attack to happen, but conducting systematic analysis of scenarios is essential to establish cybersecurity. This is exactly what is done at the Impact Assessment during the Risk Assessment process. In this video course “Impact Assessment”, you will learn how to conduct an impact assessment and give you an overview of the required information, including requirements from ISO/SAE 21434.
To start with, we will define what the impact assessment is, also by having a look at its place and role during the overall ISO/SAE 21434 risk assessment process. Next, we will explain what damage scenarios are and you will get recommendations on how to identify the outcomes and how to progress during the project stages.
After you understand the main role of the impact assessment and inputs, we will go back to the main topic of this video course and give you an overview of what the impact assessment is and present the inputs and outcomes.
Next, we will introduce the impact categories and their impact rating criteria. This section in the video course is important, as ISO/SAE 21434 requires to assess the impact rating for all the introduced impact categories.
To give you a better understanding, we will also provide an illustrative example of an impact assessment and the required impact rating assessment considering all categories.
Who the Impact Assessment video course is made for
For software engineers
After watching this video course, you will be able to estimate negative consequences of the product if cybersecurity issues arise by knowing how to conduct an impact assessment. Therefore, you will be able to provide an estimate of the importance of securely protecting the product.
For system engineers
While you might be familiar with the Impact Analysis term from Functional safety, ISO/SAE 21434 requires additional categories and impact rating criteria for conducting an impact assessment and impact rating criteria necessary for the risk value calculation. Learn about them in this video course.
Impact Assessment – Video course content
In this section, we will introduce what the Impact Assessment is, the learning objectives of this video course and why they are important.
II. ISO/SAE 21434 Risk Assessment Process
Recognize where the impact assessment takes place in the overall risk assessment process defined by ISO/SAE 21434 and its role for following activity, risk determination.
III. Damage scenarios
Learn what damage scenarios are, as well as steps and recommendations to handle damage scenarios depending on the project stage.
IV. Impact Assessment: an overview
Understand what the impact assessment is and how it should be done for each stakeholder. You will also learn the input and output of the impact assessment.
V. Impact categories
Here, we will define what the previously introduced impact categories are.
Get to know what the ISO/SAE 21434 requires in impact rating criteria and the what the rating values are.
VII. Impact Assessment: an example
Reinforce what you just learned with an illustrative example in the context of automotive cybersecurity.
VIII. Impact rating criteria: a closer look
Here, we will go over the different impact rating criteria and verbal descriptions of impact levels for safety, financial, operational, and privacy, taking the previous example in mind.
IX. The Impact Assessment and Threat Analysis
Get an overview on how the impact assessment and threat analysis outputs enable the risk determination. We recommend watching the “Threat Analysis in automotive” video course.
X. Lessons learned on Impact Assessment
At last, we will once more go over the main lessons learned during the “Impact Assessment” video course.
More video courses related to Impact Assessment
Attack Path and Feasibility Analysis
Learn how to perform an attack path using a top down approach with a linear attack path structure, as well as a feasibility analysis in this video course.
Risk Determination and Treatment
Learn about risk determination and treatment in TARA in this video course. This video course concludes our cybersecurity risk assessment module as these are the last two TARA steps.
Impact Assessment on Vehicle Cybersecurity
Learn what is the impact assessment, what are damage scenarios and what are the required by ISO/SAE 21434 impact rating criteria and values in this video course.
Threat Analysis in Automotive
Learn the steps of the Threat Analysis and the recommended STRIDE model, used not only in automotive but also in other industries with this video course.
Asset Identification in automotive
Learn the steps for vehicle asset identification, determination of assets, and CIA model in this video course. You will also get suggested approaches based on proven experience.
