Performing a Cybersecurity Threat Analysis and Risk Assessment
SAE J3061 sets out a recommended cybersecurity engineering process framework for organizations developing cyber physical systems. One of the recommendations of this framework is to carry out a threat analysis and risk assessment early in the product development. A threat analysis identifies and models the relevant threats against assets, and a risk assessment classifies the impact and likelihood associated with each threat. The approach enables the prioritization of risks and appropriate risk treatment measures to be determined in subsequent development phases.
This live, online course, delivered in three, two-hour sessions, provides participants with the knowledge of appropriate methods to carry out threat analysis and risk assessment for the development of a typical vehicle feature.
What Will You Learn
- Identify relevant threats
- Carry out threat modelling
- Create attack tree analyses
- Develop risk assessment
- Determine Cybersecurity Assurance Levels and Security Goals
Is This Course For You
*Global toll-free telephone numbers are provided for many countries outside the U.S., but are limited to those on the WebEx call-in toll-free number list. Check here to see if your country has a global call-in toll free telephone number for this web seminar. If your country is not listed, you may still connect using the US/Canada Call-in toll number or Voice over Internet Protocol (VoIP).
Although WebEx Training Manager will automatically launch when you join the web seminar, you or your system administrator are encouraged to download the plug-in in advance to help ensure successful setup. Click here, then follow the onscreen instructions.
- Threat Analysis
- Threat identification
- Threat modeling
- Attack trees
- Exercise 1: Threat Analysis
- Risk Assessment
- Severity classification
- Likelihood classification
- Exercise 2: Risk Assessment
- Assurance Levels and Cybersecurity Goals
- Determining the assurance level
- Developing cybersecurity goals
- Worked Example: Cybersecurity Goals