Building up automotive cybersecurity expertise in testing

Expand testing strategies and practice with cybersecurity methods and tools

The entire discipline of vehicle testing is being raised to a new level by cybersecurity requirements. For teams working in the field of testing, cybersecurity creates a number of new challenges as well as opportunities. It is important to encourage the utilization and enhancement of traditional testing methods for cybersecurity purposes. The introduction of new structures, procedures, methods and tools is coming into focus. The conceptually careful adaptation and expansion of test procedures to include cybersecurity aspects is crucial, not only to ensure security, but also to adequately fulfill legally binding requirements.

Get to know the tools to prepare, implement, and execute the different tests for your projects, ensuring that cybersecurity best practices are considered. Now you will find all learning content of the live training available as a video course series.

Advantages at a glance

  • Foster clarity on the assignment of additional tasks and responsibilities: Clearly defined responsibilities between the testing and cybersecurity teams about additional necessities are a prerequisite to ensure efficient and effective test execution.
  • Ability to deal with new methods and tools: The correct consideration of cybersecurity requirements in testing makes the introduction and use of specialized methods and tools indispensable. Internal/external penetration testing must be included as a central building block for quality in testing.
  • Understanding the importance of penetration testing in automotive: Penetration tests, in which products, components and systems are actively attacked to uncover vulnerabilities, are becoming a mandatory requirement - the associated knowledge is becoming indispensable.
  • Expansion of test strategies along the vehicle lifecycle: Existing test strategies and procedures need to be expanded in order to correctly incorporate new cybersecurity parameters, such as software updates in the post-production phase.

Learning objectives of the entire video course
What will you be able to do after completing this video learning course?
  • Comprehend the impact of automotive hacks in and between all product lifecycle phases.
  • Differentiate between legal regulations and standards like UN R155 and ISO/SAE21434.
  • Identify potential enablers and inhibitors of cybersecurity.
  • Be able to sketch the elements of cybersecurity development like concepts, goals, and claims.
  • Be sure you can follow the main steps of risk assessment.
  • Reflect the challenges of cybersecurity planning especially during distributed development.
  • Describe the needs of cybersecurity verification and validation incl. fuzz and pen testing.

Content of the ACP Training Library (Total length: +7 hours)

This video course series consists of 41 single videos, according to the following listing (sorted by chapters)

By accessing this All-access bundle, you will then find a learning video (in English) for each topic listed below in your personal login area. Each individual learning video has a length of approx. 10 minutes. Please note: Downloading the learning videos is not possible for licensing reasons.

• Cybersecurity terms and definitions
• Automotive hacks

• The Difference between Regulations, Standards, and Laws
• Overview ISO/SAE 21434
• UN Regulation No. 155 (CSMS + Type Approval)
• UN Regulation No. 156 (SUMS + Type Approval + RXSWIN)

ISO 24089 (SW over-the-air updates)
• Initiatives and Public resources

• Vehicle ecosystem and challenges in V2X
• Impact of Cybersecurity on Product lifecycle

• Cybersecurity Management - Organizational level
• Cybersecurity culture
• Tool Qualification
• Cybersecurity Management - Project level
• Impact of Cybersecurity on Project lifecycle
• Cybersecurity planning
• Cybersecurity Plan
• Cybersecurity Interface Agreement
• Cybersecurity Case

Release for post-development report
Overview Product Security Incident Response Team (PSIRT)
• Vulnerability Analysis

Cybersecurity requirements for post-development

• Cybersecurity Development
• Development Overview and cybersecurity relevance
• Threat analysis and risk assessment (TARA)
• Cybersecurity Concept
• Cybersecurity Product development

Refined cybersecurity specification (system)
• Cybersecurity Validation

• Cybersecurity Risk Assessment

Cybersecurity in HW implementation (e.g. hardware security module=HSM)
Cybersecurity SW Development Measures
Cybersecurity Control Implementation - Development vs Maintenance Phase
SW Quality
Re-Use-and out-of-context
Cybersecurity impact analysis - concept/reuse analysis

Introduction to Cybersecurity Controls
Automotive cybersecurity controls

• Cybersecurity verification and validation strategy
• Introduction to Cybersecurity test methods

Course plan

Intro to your ODV video learning course 🥉 CySec for Testing
📄 Chapter 01: Awareness
📄 Chapter 02: Automotive Cybersecurity Standards
📄 Chapter 03: Cybersecurity in Automotive Industry
📄 Chapter 04: Cybersecurity Management Courses
📄 Chapter 05: Cybersecurity Development
📄 Chapter 06: Risk Assessment
📄 Chapter 07: Cybersecurity Implementation
📄 Chapter 08: Cybersecurity controls
📄 Chapter 09: Cybersecurity Testing and Validation
Certificate of Attendance (CoA) Testing