Cover -- Title Page -- Copyright Page -- Contents -- Preface -- About the Authors -- CHAPTER 1 Introduction to Automotive Cybersecurity -- What Is Cybersecurity? -- What Does "Cybersecurity" Mean in the Automotive Context? -- Key Concepts and Definitions -- CHAPTER 2 Cybersecurity for Automotive Cyber-physical Systems -- Relationship between Cybersecurity, Functional Safety, and Other Disciplines -- What Does "Cybersecurity" Mean in the Automotive Context? -- The Vehicle Attack Surface -- Wireless Interfaces -- Long-Range Wireless Communications -- Short-Range Wireless Communications -- Wired Interfaces -- In-Vehicle Networks -- ECUs -- Attack Paths and Stepping Stones -- Addressing Cybersecurity-People, Process, and Technology -- Management of Cybersecurity -- Cybersecurity Engineering -- Skills Required for Cybersecurity -- Technology -- CHAPTER 3 Establishing a Cybersecurity Process -- General Aspects of a Cybersecurity Process -- Standards and Best Practice -- Cybersecurity Lifecycle -- Management of Cybersecurity -- Top Management Commitment -- Cybersecurity Processes -- Cybersecurity Culture -- Roles and Responsibilities -- Cybersecurity Awareness and Competence -- Continuous Improvement -- Information Sharing -- Proactive Cybersecurity Engineering -- Cybersecurity Responsibilities at Project Level -- Cybersecurity Planning -- Concept Phase -- Item Definition -- Threat Analysis and Risk Assessment -- Risk Treatment and Cybersecurity Goals -- CAL -- Cybersecurity Requirements and Controls -- Design Verification -- Cybersecurity Testing -- Cybersecurity Testing Challenges -- Cybersecurity Testing at Different Lifecycle Phases -- Cybersecurity Testing Activities -- Vulnerability Analysis and Management -- Cybersecurity during Production -- Reactive Cybersecurity Engineering -- Cybersecurity Monitoring -- Evaluation of Cybersecurity Events.

Detecting and Responding to Attacks -- Cybersecurity Incident Response -- Assessing the Effectiveness of Detection and Response -- Updates -- End of Cybersecurity Support -- Decommissioning -- The Aftermarket -- CHAPTER 4 Assurance and Certification -- Assurance Activities -- Validation -- Assurance Case -- Audit -- Assessment -- Certification -- Type Approval -- Assurance Summary -- CHAPTER 5 Conclusions and Going Further -- Frequently Asked Questions -- What Is the Difference between UN Regulation 155 and ISO/SAE 21434? -- To Which Types of Vehicles Does UN Regulation 155 Apply? -- To Which Types of Organization Does ISO/SAE 21434 Apply? -- How Do You Audit for Conformance to ISO/SAE 21434? -- Is It Mandatory to Be Certified against ISO/SAE 21434? -- Do I Have to Use ISO/SAE 21434 for My Cybersecurity Processes? -- How Do I Know If My Item or Component Is Cybersecurity Relevant? -- The Various Analysis Activities for Cybersecurity Engineering Look Very Time Consuming -- How Do I Know When I Have Done Enough? -- Does ISO/SAE 21434 Define Which Cybersecurity Tests Should Be Carried Out? -- References -- Index.