Cybersecurity and IoT compliance – Directive RED

Objectives

The objective of this training is, initially, to instill the basics and fundamental principles of cybersecurity and then to present the ETSI EN 303 645 standard, its implementation guide ETSI TR 103 621, and the assessment methodology ETSI TS 103 701. This is aimed at preparing you thoroughly for the certification of your product.

Day 1

  • INTRODUCTION TO CYBERSECURITY
    • Why cybersecurity?
    • “Internet of Things”
    • Practical work: Defining the architecture of a connected biometric lock
  • CYBERSECURITY FUNDAMENTALS
    • The triforce of protection criteria
    • New technologies, new threats
  • CYBERSECURITY RISK
    • Cybersecurity market
    • Security mechanisms
    • Practical: Defining the attack surface of a connected biometric lock
  • CYBERSECURITY BY DESIGN
    • Case studies
    • 12 principles of cybersecurity
  • THE RED DIRECTIVE
    • Legal, regulatory and standards aspects
    • EN 18031-1: Protection of networks 3(3)(d)
    • EN 18031-2: Protection of personal data and privacy 3(3)(e)
    • EN 18031-3: Protection against fraud 3(3)(f)
    • Practical: Identify potential vulnerabilities in a connected biometric lock

Day 2

  • ETSI EN 303 645 STANDARD
    • Scope of application
    • The 13+1 requirements of the standard
    • Practical: Define the provisions applying to a connected biometric lock
  • ETSI TR 103 621 IMPLEMENTATION GUIDE
    • Risk analysis and security assessment
    • Secure Development Life Cycle (SDLC)
    • Proposed implementations
  • ETSI TS 103 701 EVALUATION SPECIFICATIONS
    • How the assessment works
    • Implementation Conformance Statement (ICS)
    • Implementation eXtra Information for Testing (IXIT)
    • Practical: Prepare the evaluation file for a connected biometric lock
  • FIND OUT MORE
    • NIST 8425
    • ioXt certification
    • GSMA evaluation
    • PSA Certified schema
    • SESIP scheme

No experience in in-car safety is required. However, some knowledge of automotive infrastructure is desirable. If remote :

• Stable internet access via Ethernet or Wi-Fi with a good data rate (1.2 Mb/s minimum downstream is recommended).

• A PC / MAC with the Teams tool installed and unrestricted access to the internet.

This training is intended for individuals working in the field of connected devices, particularly those involved in projects that need to comply with the new RED directive. It can be delivered to an audience without prior knowledge of cybersecurity.

Expert in IoT and embedded cybersecurity.

  • PowerPoint presentation
  • Interactive web platform (Klaxoon)

Assessments at the beginning and end of the course, quizzes, etc.

5 working days before the course start date (if financed by OPCO).

A training certificate complying with the provisions of Article L. 6353-1 paragraph 2 is issued to the trainee.

AMONG OUR TRAINING

Cybersecurity and compliance rail – TS 50701

Cybersecurity of industrial systems IEC-62443

Contact us