Cybersecurity Interface Agreement as required ISO/SAE 21434 work product
Service interface agreements that are set up correctly have always played a crucial role in distributed development in the automotive industry. In accordance with the requirements of ISO/SAE 21434, cybersecurity responsibilities are clarified with the so-called Cybersecurity Interface Agreement (CIA). Learn about the structure and content of this document in this video course.
NEW: Discover a formulated template for a CIA in the new ISO/SAE 21434:2021 Workbook.
The Cybersecurity Interface Agreement in distributed development and compliance to ISO/SAE 21434
To establish a road of successful cooperation among automotive value chain players, suppliers and customers must agree on how development will be distributed regarding cybersecurity activities. This is where the Cybersecurity Interface Agreement comes into play and gains importance, besides being a required ISO/SAE 21434 work product. The aim is to avoid obstacles and clarify responsibilities, therefore, in this video course you will learn how to structure a Cybersecurity Interface Agreement.
First, we will begin by explaining the contents and purpose of the Cybersecurity Interface Agreement, when it should take place, and its role in distributed development.
Next, we will present how it might look like according to the ISO/SAE 21434 Annex C Cybersecurity Interface Agreement Template, structure, and content by each section.
At last, we will explain the similarities and differences between the ISO/SAE 21434 Cybersecurity Interface Agreement (CIA) and ISO 26262 Development Interface Agreement (DIA) side by side.
Discover a template for Cybersecurity Interface Agreement and more: with the new ISO/SAE 21434:2021 Workbook – officially licensed by ISO (Published end of 2023)
At the end of 2023, we have published the ISO/SAE 21434:2021 Workbook. This new publication is designed to simplify practical work with the most important automotive cybersecurity standard, the ISO/SAE 21434. The workbook includes:
- all WPs (and corresponding RQs,RCs and PMs) of ISO/SAE 21434:2021 (“First Edition”) – officially licensed by ISO.
- Field-tested templates (in a formulated explanatory way) for six key work products: Cybersecurity Plan, Cybersecurity Case, Cybersecurity Interface Agreement, Item Definition, Cybersecurity Concept, and Threat Analysis and Risk Assessment.
- A cybersecurity controls catalogue, expert interviews, background information, explanations with a practical perspective across the automotive value chain.
Please find the full table of contents and more information over here.
Who the Cybersecurity Interface Agreement video course is made for
For project managers in automotive
Knowing where responsibilities lay, especially in distributed development, is key to track tasks, time, cost, and plan resources accordingly. Therefore, knowing the impact of the cybersecurity interface agreement is crucial for projects in automotive involving cybersecurity.
For sales, acquisition, and quality managers in automotive
Managers involved in customer and supplier relations must know the impact of the cybersecurity interface agreement as it becomes part of the contract. Moreover, quality managers should know how it supports compliance to ISO/SAE 21434 and the UN Regulation 155.
Cybersecurity Interface Agreement video course content
In this section, we will introduce the role and importance of the Cybersecurity Interface Agreement in distributed development and why this video course is of importance for your role.
II. Cybersecurity Interface Agreement as starting point for distributed development
Here, you will learn what are the contents of the cybersecurity interface agreement and what each of them should include. We will also highlight its role for distributed development, when it takes place, and parties involved.
III. Cybersecurity Interface Agreement: an illustrative example
In this section, we present an exemplary Cybersecurity Interface agreement according to ISO/SAE 21434 Annex C template in a visual illustration, explain the structure and content for each section.
As it may sound familiar to you, hereby we will explain how the ISO/SAE 21434 work product Cybersecurity Interface Agreement relates and differentiates to ISO 26262 Functional Safety’s work product Development Interface Agreement (DIA).
V. Summing up Cybersecurity Interface Agreement video course
Finally, we will circle back into the main learned lessons from this video course.