Connected Car Design: The Need for an Understanding of Automotive Cybersecurity

SAE International offers an in-depth certification course in cybersecurity for the automotive industry.

SAE International has sponsored this post.

Automotive OEMs and suppliers alike are facing new challenges when it comes to connected and autonomous vehicles.  Like many disruptive advances, the development and implementation of new technologies introduces multiple concerns—from regulatory and standards requirements, to customer expectations—and particularly in the context of connected vehicles, cybersecurity. The heavy reliance on computer systems, operating software and wireless communication means a growing concern over issues of cybersecurity when it comes to our vehicles.  When even a single software vulnerability can threaten the operation and safety of an autonomous, connected vehicle, security can’t be left to chance.

This means that commercial and consumer vehicle development, and the development of their components, now require cybersecurity to be a central concern—supporting both the full vehicle lifecycle through to end-of-life and supporting consumer confidence in the safety and security of their vehicle and its data.

These cybersecurity challenges run the gamut, from data vulnerability both locally and remotely, to the complex Internet of Things (IoT) ecosystem of a connected vehicle, to the increased number of hacking attack vectors available through Wi-Fi hotspots and embedded SIMs.  Autonomous and connected vehicles need to be protected from all of these threats, whether the target is vehicle or driver data or even control of the vehicle on the road.

To help ensure the future safety and security of connected vehicles, the International Standards Organization (ISO) and SAE International developed the ISO/SAE 21434 “Road Vehicles – Cybersecurity Engineering” standard.  The standard is intended to guide OEMs and automotive product developers in the design and implementation of cybersecurity solutions throughout the lifecycle of a vehicle from design and production, through customer operation and maintenance, to decommissioning and end-of-life.

With the ISO/SAE 21434 standard well on its way to wide-scale adoption in the automotive industry, it is vital for engineers in the industry to develop the right understanding of cybersecurity solutions in order to tackle these challenges. Unlike traditional CAN bus-type data structures hardwired into vehicle harnesses, modern automotive software is frequently updated through the cloud, or wirelessly at a dealership. The potential for both attack, and accidental damage to code, is real.  For those engineers who are interested in automotive cybersecurity, whether they are already working at an automotive OEM or supplier and are looking to move into this area, pursuing professional training ensures they will have the skills to implement robust and scalable cybersecurity strategies. 

SAE International provides a wide range of professional development and training courses for engineers and technical professionals in the mobility industry.  Courses are taught by subject matter experts from both industry and academia, addressing vital topics related to technologies, regulations and business for the automotive, aerospace and commercial vehicle industries. Courses are available in-classroom, online, and on-demand to suit the needs and schedules of working professionals.

There are significant benefits to pursuing technical training through a professional organization such as SAE.  First and foremost, courses through SAE will ensure that you are training on the most recent technology and with most recent information available in the industry.  Courses are also taught by established subject matter experts and professionals in the mobility industry, who bring a wealth of practical knowledge to support the course curriculum.

Participants also have the opportunity to meet and collaborate with peers in their field and industry, helping them to grow their professional networks. SAE courses are also eligible to earn certificates demonstrating successful completion of the course, and are approved for the IACET Continuing Education Units (CEUs) or Professional Development Units (PDUs) needed to maintain licensing and support their professional development.

Understand Automotive Cybersecurity with Certification from SAE

SAE International offers an in-depth certification course in cybersecurity for the automotive industry, Automotive Cybersecurity Certification: Level One, specifically focused on the development of connected and autonomous vehicles. Developed in cooperation with TÜV SÜD, experts in safety, security and sustainability solutions, the course provides participants with the necessary basic knowledge to be able to consider new cybersecurity requirements according to the ISO/SAE 21434 security standard.

The course is a two-day live online session targeted toward those already working in the automotive industry in cybersecurity, management or audit environments.

Throughout the course, participants develop an understanding of vehicle quality and risk management, the connection between threat and risk analysis, security concepts, security specifications, and verification and validation concepts over the complete life cycle of a vehicle.

The course covers vital topics in cybersecurity engineering for vehicle development, including:

  • Challenges facing the automotive industry due to the transformation and digitization of mobility.
  • Automotive cybersecurity principles including protecting from hackers, protection mechanisms, terminology, and cybersecurity engineering throughout the product lifecycle.
  • Regulations, standardization and legislation relevant to automotive cybersecurity, and the associated challenges to implementation and best practices for implementation.
  • Understanding the ISO/SAE 21434 standard, including risk and threat analysis, testing and assessment, demonstrated through practical industry examples.

This Level One course is designed to provide participants with a strong understanding of automotive cybersecurity standards and regulations, particularly ISO/SAE 21434/UN ECE 156, 157 and 158.  A Level Two course is in development to follow later in 2022, which will focus on the teaching participants to implement these standards and regulations.

Successful completion of the course and final assessment provides participants with a certification from TÜV SÜD and SAE demonstrating their mastery of the course content, as well as 1.3 CEU/PDU credits toward licensing and professional development requirements.

The Automotive Cybersecurity Certification: Level One course is offered multiple times throughout the year, approximately once per month through to the end of 2022.  The next upcoming session is May 9-10, 2022.

Registration is available through SAE for $1,603, which includes the exam fee and the cost to access the ISO/SAE 21434 standard.  The course package includes electronic access to the ISO/SAE 21434 at a 10 percent discount as part of the bundle. Participants who already have access to the standard through their employer can enroll for the course content only. The course is also available for corporate group learning.

Full course details and registration can be accessed through the SAE International learning portal.