Linked e-resources
Details
Table of Contents
Cover
Title Page
Copyright Page
Contents
Preface
About the Authors
CHAPTER 1 Introduction to Automotive Cybersecurity
What Is Cybersecurity?
What Does "Cybersecurity" Mean in the Automotive Context?
Key Concepts and Definitions
CHAPTER 2 Cybersecurity for Automotive Cyber-physical Systems
Relationship between Cybersecurity, Functional Safety, and Other Disciplines
What Does "Cybersecurity" Mean in the Automotive Context?
The Vehicle Attack Surface
Wireless Interfaces
Long-Range Wireless Communications
Short-Range Wireless Communications
Wired Interfaces
In-Vehicle Networks
ECUs
Attack Paths and Stepping Stones
Addressing Cybersecurity-People, Process, and Technology
Management of Cybersecurity
Cybersecurity Engineering
Skills Required for Cybersecurity
Technology
CHAPTER 3 Establishing a Cybersecurity Process
General Aspects of a Cybersecurity Process
Standards and Best Practice
Cybersecurity Lifecycle
Management of Cybersecurity
Top Management Commitment
Cybersecurity Processes
Cybersecurity Culture
Roles and Responsibilities
Cybersecurity Awareness and Competence
Continuous Improvement
Information Sharing
Proactive Cybersecurity Engineering
Cybersecurity Responsibilities at Project Level
Cybersecurity Planning
Concept Phase
Item Definition
Threat Analysis and Risk Assessment
Risk Treatment and Cybersecurity Goals
CAL
Cybersecurity Requirements and Controls
Design Verification
Cybersecurity Testing
Cybersecurity Testing Challenges
Cybersecurity Testing at Different Lifecycle Phases
Cybersecurity Testing Activities
Vulnerability Analysis and Management
Cybersecurity during Production
Reactive Cybersecurity Engineering
Cybersecurity Monitoring
Evaluation of Cybersecurity Events.
Detecting and Responding to Attacks
Cybersecurity Incident Response
Assessing the Effectiveness of Detection and Response
Updates
End of Cybersecurity Support
Decommissioning
The Aftermarket
CHAPTER 4 Assurance and Certification
Assurance Activities
Validation
Assurance Case
Audit
Assessment
Certification
Type Approval
Assurance Summary
CHAPTER 5 Conclusions and Going Further
Frequently Asked Questions
What Is the Difference between UN Regulation 155 and ISO/SAE 21434?
To Which Types of Vehicles Does UN Regulation 155 Apply?
To Which Types of Organization Does ISO/SAE 21434 Apply?
How Do You Audit for Conformance to ISO/SAE 21434?
Is It Mandatory to Be Certified against ISO/SAE 21434?
Do I Have to Use ISO/SAE 21434 for My Cybersecurity Processes?
How Do I Know If My Item or Component Is Cybersecurity Relevant?
The Various Analysis Activities for Cybersecurity Engineering Look Very Time Consuming
How Do I Know When I Have Done Enough?
Does ISO/SAE 21434 Define Which Cybersecurity Tests Should Be Carried Out?
References
Index.
Title Page
Copyright Page
Contents
Preface
About the Authors
CHAPTER 1 Introduction to Automotive Cybersecurity
What Is Cybersecurity?
What Does "Cybersecurity" Mean in the Automotive Context?
Key Concepts and Definitions
CHAPTER 2 Cybersecurity for Automotive Cyber-physical Systems
Relationship between Cybersecurity, Functional Safety, and Other Disciplines
What Does "Cybersecurity" Mean in the Automotive Context?
The Vehicle Attack Surface
Wireless Interfaces
Long-Range Wireless Communications
Short-Range Wireless Communications
Wired Interfaces
In-Vehicle Networks
ECUs
Attack Paths and Stepping Stones
Addressing Cybersecurity-People, Process, and Technology
Management of Cybersecurity
Cybersecurity Engineering
Skills Required for Cybersecurity
Technology
CHAPTER 3 Establishing a Cybersecurity Process
General Aspects of a Cybersecurity Process
Standards and Best Practice
Cybersecurity Lifecycle
Management of Cybersecurity
Top Management Commitment
Cybersecurity Processes
Cybersecurity Culture
Roles and Responsibilities
Cybersecurity Awareness and Competence
Continuous Improvement
Information Sharing
Proactive Cybersecurity Engineering
Cybersecurity Responsibilities at Project Level
Cybersecurity Planning
Concept Phase
Item Definition
Threat Analysis and Risk Assessment
Risk Treatment and Cybersecurity Goals
CAL
Cybersecurity Requirements and Controls
Design Verification
Cybersecurity Testing
Cybersecurity Testing Challenges
Cybersecurity Testing at Different Lifecycle Phases
Cybersecurity Testing Activities
Vulnerability Analysis and Management
Cybersecurity during Production
Reactive Cybersecurity Engineering
Cybersecurity Monitoring
Evaluation of Cybersecurity Events.
Detecting and Responding to Attacks
Cybersecurity Incident Response
Assessing the Effectiveness of Detection and Response
Updates
End of Cybersecurity Support
Decommissioning
The Aftermarket
CHAPTER 4 Assurance and Certification
Assurance Activities
Validation
Assurance Case
Audit
Assessment
Certification
Type Approval
Assurance Summary
CHAPTER 5 Conclusions and Going Further
Frequently Asked Questions
What Is the Difference between UN Regulation 155 and ISO/SAE 21434?
To Which Types of Vehicles Does UN Regulation 155 Apply?
To Which Types of Organization Does ISO/SAE 21434 Apply?
How Do You Audit for Conformance to ISO/SAE 21434?
Is It Mandatory to Be Certified against ISO/SAE 21434?
Do I Have to Use ISO/SAE 21434 for My Cybersecurity Processes?
How Do I Know If My Item or Component Is Cybersecurity Relevant?
The Various Analysis Activities for Cybersecurity Engineering Look Very Time Consuming
How Do I Know When I Have Done Enough?
Does ISO/SAE 21434 Define Which Cybersecurity Tests Should Be Carried Out?
References
Index.