ISO 24089 Road Vehicles — Software update engineering Overview
In this video course, you will get an introduction to the most relevant standard on software updates for the automotive industry: the ISO 24089. After completing the video course, you will be able to distinguish the different software update phases, recognize the most important components of the standard, as well as gain an understanding of how it intersects with UN Regulation No. 156.
Ensuring secure vehicle software updates according to the ISO 24089 standard
With increasing software updates, automotive cybersecurity professionals worldwide have kept an eagle eye on ISO 24089. The standard’s purpose is to standardize requirements and documentation for software updates in the automotive industry. Thus, just like the ISO/SAE 21434 supports in achieving compliance with UN Regulation No. 155 and the topic of CSMS, the ISO 24089 supports compliance with UN Regulation No. 156 along the topic of Software Update Management System (SUMS). In this video course, you will get a first overview on the scope of ISO 24089, including involved stakeholders and the steps required to ensure secure software updates.
First, we will introduce the three main phases of software updates: pre-update, update, and post-update. As a result, you will learn which steps and considerations must take place at each stage.
Shortly after, we will also introduce the topic of Software Update Management System (SUMS) and how it is treated by the UN Regulation No. 156 and ISO 24089. You will also be able to recognize the main differences between the standard and regulation.
As the main learning goal of this video course, you will first get an overview on ISO 24089 as we go through the structure and main components. Then, you will get to know all the relevant topics and steps that must be considered for each of main clauses of the ISO 24089 standard starting at the organizational and project levels and continue presenting relevant topics for the clauses remaining on the infrastructure, the software update package itself, the software update campaign and the corresponding vehicle.
Afterwards, we will also show you where the work products and processes take place along the software update process and at which level in a visual overview. As the last lesson, we will also highlight which topics and tasks from the ISO 24089 standard relate to those from the ISO/SAE 21434 and the required Cybersecurity Management System CSMS.
Who the ISO 24089 course is made for
Professionals involved in testing
Actions should already take place even before rolling out software updates during the pre-update phase. Therefore, it is essential to know which activities and steps need to be considered to ensure secure software updates and comply with ISO 24089.
Software and systems engineers
In this video course, you will learn about secure software updates in accordance to ISO 24089 and know exactly which topics and steps must take place. Moreover, you will also find intersections between ISO/SAE 21434’s CSMS and ISO 24089.
ISO 24089 – Video course content
Here you will be introduced to the main learning objectives of the ISO 24089 CYRES Academy on-demand video course, as well as its relevance for the automotive industry.
II. Software updates explained
Learn about the three main phases of software updates, which steps take place at each stage, the main considerations, and the importance of security along the software update process.
III. What is SUMS?
Understand what Software Update Management System (SUMS) is in the eyes of UN Regulation No. 156 and ISO 24089 and how it differs from regulatory and standard perspective.
IV. ISO 24089 Overview
In a glance, you will learn about the whole ISO 24089 structure and main components. You will also learn about the different players involved during the software update process.
First, we will begin at the organizational level software update requirements and explain who is responsible for establishing governance. Here, we will also highlight how governance relates to ISO/SAE 21434, ISO 26262, and introduce other organizational activities. From there, we will continue to present the topics related to the rest of the following clauses of that standard.
VI. Overview on topics and stages defines in the standard
Know when work products and processes included in ISO 24089 take place at each stage along the software update process and to which level they belong in a visual representation.
VII. Interface with CSMS
Recognize ISO/SAE 21434 work products relevance for achieving ISO 24089 compliance and corresponding certification in a visual overview.
VIII. ISO 24089 summary
Finally, get a round up on the main lessons learned during the ISO 24089 CYRES Academy on-demand video course.