Keys to Creating a Cybersecurity Process from the J3061 Process Framework
This web seminar will define key concepts in cybersecurity and discuss what a cybersecurity process consists of and why one is needed for the development of cyber-physical vehicle systems. Featuring instructors from the SAE Vehicle Cybersecurity Systems Engineering Committee, the course will feature the process framework described in J3061 that will enable participants to relate it to their own organization"s processes, including cybersecurity and safety activities. The instructors will provide guidance on how to tailor the standard"s process framework into an internal process to build cybersecurity robustness into cyber-physical systems. Different approaches to integrate the process within the participant"s organization, including the key issues and potential pitfalls with respect to implementation of a cybersecurity process, will be discussed. Key analysis activities that support the process, including Threat Analysis and Risk Assessment and Attack Tree Analysis, will also be presented.
Note: Due to the complexities and unique internal processes within each organization, participants will not be given a complete process implementation that can be directly applied in their organization. The information provided in the course will equip participants with the necessary foundation to begin tailoring the J3061 process framework for application within their organization.
What Will You Learn
- Define key cybersecurity concepts
- Describe what a process consists of and why a cybersecurity process is needed
- Relate the process framework described in J3061 to your own development processes
- Recognize ways to integrate cybersecurity and safety within your organization
- Describe analysis activities to be performed with respect to an effective cybersecurity process
- Recognize potential pitfalls and key issues with respect to implementation
Is This Course For You
This course will be beneficial to anyone involved in cybersecurity including those wishing to lead their organization in implementing and applying a cybersecurity process. Cybersecurity engineers will learn the need for a cybersecurity process and comprehend the J3061 process framework for tailored application in their organization. Quality management professionals will learn that a cybersecurity process is another important factor in internal process improvement and auditing. Executives and management representatives will better understand how to use J3061 to build defense and in-depth cyber-physical vehicle systems and how to drive cost savings through a systematic process. Human Resources will comprehend the need for seeking out individuals with the skills needed to address cybersecurity within their organizations.
Similar content is available in the classroom seminar, Keys to Creating a Cybersecurity Process from the J3061 Process Framework.
*Global toll-free telephone numbers are provided for many countries outside the U.S., but are limited to those on the WebEx call-in toll-free number list. Check here to see if your country has a global call-in toll free telephone number for this web seminar. If your country is not listed, you may still connect using the US/Canada Call-in toll number or Voice over Internet Protocol (VoIP).
Although WebEx Training Manager will automatically launch when you join the web seminar, you or your system administrator are encouraged to download the plug-in in advance to help ensure successful setup. Click here, then follow the onscreen instructions.
- Brief History of Automotive Security and Cybersecurity
- Introduction to Connected Vehicle Applications
- Cyber-Physical Systems
- Difference between cyber-physical systems security (cybersecurity) and IT security
- Five Levels of Vehicle Attack: wireless, wired; ECU external / internal; software / silicon
- Reactive vs. Proactive Approach to Cybersecurity
- What is a Process?
- Key Concepts in Cybersecurity Defined
- Introduction to J3061
- What components of a process are captured
- Scope, rationale and intent
- Tailoring from the ISO 26262 process framework
- When to Apply a Cybersecurity Process
- Cybersecurity Process Overview
- Motivation for a well-defined and well-structured process
- J3061 process framework
- Milestone and gate reviews
- Cybersecurity Process Details
- Overall management of cybersecurity
- Concept phase
- Product development at the system, hardware and software levels
- Production, Operation and Service
- Supporting Processes
- Relationship between Cybersecurity Process and Safety Process
- Review of Appendices A, C-E, G-I
- Tailoring the J3061 Process Framework into an Internal Process
- Examples of Key Analysis Activities
- Threat Analysis and Risk Assessment
- Attack Tree Analysis