When: Dec. 10, 2020 | 6 p.m. Central European Summer Time(UTC+02)
Who: Bastian Kruck Solution Developer at Itemis AG
ISO/SAE 21434 across Tools, Teams and OrganizationsWithin the next two years, UNECE WP.29 will force road vehicle manufacturers and suppliers to implement ISO/SAE 21434. In my last talk at ASRG ("ISO/SAE21434 by Example“), I showed how our YAKINDU Security Analyst allows performing cybersecurity risk assessments that comply with this norm, and why it doesn’t fit into an excel spreadsheet anymore. But even the best tool has to be embedded into an ecosystem. How might such analysis stay in sync with the technical architecture? How may suppliers deliver analysis results to the OEM? How may analysis results be merged to validate the vehicle as a whole? How may the analysis be kept up to date with new 0days? In today’s talk, I will propose a vision that addresses these questions. As part of that, I will introduce our openXSAM.io initiative, which aims at establishing an open exchange format for cybersecurity risk assessments to transfer data between tools, teams and organizations.
About the Presenter:
Visit Speaker Profile