Preparing a Cybersecurity Case Introduction

Course Duration: 2 Days - 8 Hours/day

Per ISO/SAE 21434 and SAE J3061, a cybersecurity case provides a structured argument for the achieved degree of cybersecurity. It is a structured document that provides a basis for judgement and confidence of cybersecurity.Preparing a cybersecurity case is critical to assuring the cybersecurity of an item. This two day seminar provides guidance on preparing a cybersecurity case to achieve cybersecurity goals. It will explain the building blocks of a cybersecurity case and how to document the cybersecurity case based on the MISRA argument structure. The building blocks of a cybersecurity case include:

  • Cybersecurity goals
  • Cybersecurity case arguments
  • Cybersecurity case evidence

Learning Objectives

  • Determine the relevance of the cybersecuritygoals, arguments, and evidence in the cybersecurity case
  • Analyze a layered model for structuring cybersecurity arguments
  • Apply the layered model to ISO/SAE 21434 and SAE J3061
  • Apply the generic argument structure to Cybersecurity Goals

Course Outline

Day 1

  • Building blocks of a cybersecurity case
  • Cybersecurity goals
  • Cybersecurity case arguments
  • Cybersecurity case evidence
  • Layered model for structuring cybersecurity arguments
  • Rationale
  • Satisfaction
  • Means
  • Organizational environment
  • Methods, processes, and tools for preparing a cybersecurity case: Goal Structuring Notation (GSN)

Day 2

  • Applying the layered model to ISO/SAE 21434 and SAE J3061
  • The ISO/SAE 21434 implicit argument
  • The MISRA argument structure
  • Applying the generic argument structure to Cybersecurity Goals
  • Argument structure
  • Example for cybersecurity goals

Note: The materials will include SAE J3061 content as applicable.

Who Should Attend

Those involved in the design, development, and production of electrical and electronic based vehicle products, including the systems, software and hardware engineers, and managers. Basically, all those responsible for the development and implementation of hardware and software systems in motor vehicles.

Participants should be, or plan to be, actively managing, or involved in, or aware of the development of electrical and/or electronic items, systems, or elements that are incorporated in motor vehicles. Participants should also have the abilities, education, and experience required for the above roles.


Course Materials

Each participant will receive a seminar manual and a set of breakout exercises to be performed in groups during the course.

Note: Omnex does not provide copies of standard(s) during training courses, but clients are encouraged to have their own copy.

Pre-Requisite

Participants should be involved in or aware of Cybersecurity development as it relates to the vehicle industry.

Upcoming Training