The Process Assessment Model (PAM) “Automotive SPICE® for Cybersecurity” provides an extension to Automotive SPICE® in six new processes. The course introduces the topic of Cybersecurity and prepares assessors for the assessment of these processes.

Objective

This training introduces the model extension “Automotive SPICE® for Cybersecurity” and enables participants to apply the model extension. Participants will acquire the ability to extend their analysis expertise to cybersecurity and to analyze and assess development processes regarding cybersecurity aspects. intacs® certified assessors who acquire expertise in Cybersecurity with this training are qualified to lead an assessment using Automotive SPICE® for Cybersecurity after passing the exam.

Content

The content of this training is based on the syllabus published by intacs®. intacs® provides standard training material to the intacs® Training Providers which covers the following topics:

• Cybersecurity know-how, including:
  • Cybersecurity motivation and goals
  • Cybersecurity vs. Functional Safety
  • Cybersecurity Standards (UNECE, ISO/SAE 21434, …)
  • Threat Analysis and Risk Assessment (TARA)
  • Cybersecurity Implementation
  • Methods for Cybersecurity tests, e.g., penetration testing
• The processes of the Automotive SPICE® for Cybersecurity model in detail (base practices, methods, guidelines, assessments, rating):
  • ACQ.2 Supplier Request and Selection
  • MAN.7 Cybersecurity Risk Management
  • SEC.1 Cybersecurity Requirements Elicitation
  • SEC.2 Cybersecurity Implementation
  • SEC.3 Risk Treatment Verification
  • SEC.4 Risk Treatment Validation
• Cybersecurity hints and comments that must be considered when implementing or assessing existing Automotive SPICE® v3.1 processes, including:
  • Acquisition processes ACQ.3, ACQ.4, ACQ.14, ACQ.15
  • System development processes SYS.2 to SYS.3
  • Software development processes SWE.1 to SWE.3
  • Software test processes SWE.4 to SWE.6
  • System test processes SYS.4 and SYS.5
  • Supporting processes SUP.1 and SUP.8
  • MAN.3 Project Management
  • MAN.5 Risk Management
  • Capability Level 2 and 3
• Exercises
• Exam preparation

Target Audience

This training is primarily intended for intacs® certified Automotive SPICE® assessors. However, participants in cybersecurity-related application projects who already have a sound basic knowledge of Automotive SPICE® can also attend.

Preconditions

• Ideally: Existing certification as an intacs® Automotive SPICE® assessor.
• Mandatory: Sound knowledge of the Automotive SPICE® process assessment model in the current version.
• Participants should have several years of professional experience in the IT industry (e.g., software/system development, project management, quality management, etc.).

Certification

• In the case of exam participation, examination fees are added to the seminar price.
• The exam is taken by the VDA QMC. The Zoom software is used for online examinations. The use of a webcam is mandatory.
• Additional fees apply for the exam and certification as published on the Website of VDA-QMC

Further information

• This training is exclusively taught by experienced intacs® Certified Principal Assessors with extensive practical assessment experience. In addition, they are accredited intacs® instructors.
• The course materials are available in English.
• Each participant will receive training documents as well as a confirmation of participation.
• The seminar price includes the Process Fellows Pocket Guide, which contains Automotive SPICE v3.1 as well as Automotive SPICE for Cybersecurity v1.0.
• When conducted online, all materials are provided electronically in PDF format.

Duration: 3 days

You would like to perform the training in-house or online? We fit the contents individually to your needs!