May 26 (Tuesday) "Trends and Requirements for In-Vehicle Cybersecurity: Measures and Design to Achieve Them ~UN-R155 Cybersecurity Regulations and Risk Assessment Case Studies~" Zoom Seminar to be Held

AndTech Co., Ltd. (Headquarters: Kawasaki City, Kanagawa Prefecture; President: Masao Suyama; hereinafter AndTech) will explain "in-vehicle cybersecurity" "measures and design" as part of its R&D development support.

An active embedded engineer will give the lecture!

Five years have passed since UN-R155 came into effect, and we have provided various cybersecurity support, including threat analysis and vulnerability analysis. In this lecture, based on the knowledge and achievements gained by the lecturer, we will specifically introduce the key points for introducing cybersecurity measures.

Live Streaming / WEB Seminar Outline

──────────────────

Theme: Trends and Requirements for In-Vehicle Cybersecurity: Measures and Design to Achieve Them ~UN-R155 Cybersecurity Regulations and Risk Assessment Case Studies~

Date and Time: May 26, 2026 (Tuesday) 10:30-16:30

Recorded Viewing: Available

Participation Fee: 49,500 JPY (tax included) *Materials to be distributed electronically

URL:https://andtech.co.jp/seminars/1f12811c-cfc7-6bfc-93d2-064fb9a95405

WEB Distribution Format:

This will be a live streaming seminar using the web conferencing tool "Zoom."

Details will be provided after application.

Seminar Course Content Structure

────────────

Mr. Ayumu Sugiyama, Business Unit Manager, Cybersecurity Assurance Division, Atelier Co., Ltd.

Knowledge and Technical Issues to be Learned/Solved in this Seminar

───────────────────────

① Content/trends of regulations under UN-R155 cybersecurity regulations

② Overview of cybersecurity management in ISO/SAE 21434 (organization/mechanism)

③ Approach to threat analysis and risk assessment in ISO/SAE 21434

④ Product development process in ISO/SAE 21434 (design/implementation/evaluation)

⑤ Activities to be carried out in the post-development (product manufacturing/operation) phase in ISO/SAE 21434

⑥ P-SIRT (Product - Security Incident Response Team) activities in ISO/SAE 21434

All program items below (please see if you are interested in details)

──────────────────────────────

[Lecture Points]

In addition to knowledge about standards and specifications, we will explain the know-how necessary for automotive security measures in an easy-to-understand manner in one day, incorporating actual development experience.

[Program]

∽∽────────────────────────────∽∽

1. What is the necessity of ISO/SAE 21434 (benefits of using it)?

∽∽────────────────────────────∽∽

1-1. Trends in UN-R155 Cybersecurity Regulations

1-1-1. Hacking incidents against automobiles

1-1-2. Trends in cybersecurity measures in the automotive industry

1-1-3. Overview of cybersecurity regulations and application plan

1-1-4. Impact of non-compliance with cybersecurity regulations

1-2. Overview of UN-R155 Cybersecurity Regulations

1-2-1. What is CSMS (Cyber Security Management System) conformity assessment?

1-2-2. Overall picture of security processes that need to be developed for regulatory compliance

1-2-3. Identification of security risks and demonstrability of risk reduction

1-2-4. Application of security processes to the entire supply chain

1-2-5. Implementation of SIRT activities in the vehicle production/operation phase

1-3. Correspondence between UN-R155 Cybersecurity Regulations and ISO/SAE 21434

1-3-1. Overall structure of ISO/SAE 21434

1-3-2. Correspondence between UN-R155 and ISO/SAE 21434

∽∽────────────────────────────∽∽

2. Overall Overview of ISO/SAE 21434

∽∽────────────────────────────∽∽

2-1. How to Build Cybersecurity Management

2-1-1. Establishment and audit of cybersecurity governance

2-1-2. Product development plan and cybersecurity assessment

2-1-3. Conclusion of CIA (Cybersecurity Interface Agreement)

2-1-4. Establishment and operation of SIRT (Security Incident Response Team)

2-2. Approach to Cybersecurity Risk Assessment

2-2-1. Preparation for threat analysis (prerequisites and item definition)

2-2-2. Implementation of threat analysis (top-down approach and bottom-up approach)

2-2-3. Risk assessment methods (evaluation of attack impact/attack possibility)

2-2-4. Risk treatment methods (risk reduction/sharing/retention/avoidance)

2-2-5. Definition of cybersecurity goals/cybersecurity claims

2-3. Overview of Product Development Process (Design/Implementation/Evaluation)

2-3-1. Countermeasure technologies to achieve cybersecurity requirements

2-3-2. Vulnerability analysis for system architecture design

2-3-3. Vulnerability analysis for HW/SW architecture design

2-3-4. Addition of security measures for vulnerabilities identified in vulnerability analysis

2-3-5. Evaluation of cybersecurity measures (functional evaluation/vulnerability evaluation)

2-4. Vulnerability Management Methods Through Product Development to SIRT Activities

2-4-1. Management (collection) of vulnerability information identified in vulnerability analysis/vulnerability evaluation

2-4-2. Feedback of identified vulnerability information to design/evaluation processes

2-4-3. Feedforward of identified vulnerability information to SIRT activities

2-4-4. Risk assessment methods for vulnerabilities identified in SIRT activities

∽∽────────────────────────────∽∽

3. Explanation of Threat Analysis / Vulnerability Analysis and Risk Assessment Case Studies

∽∽────────────────────────────∽∽

3-1. Explanation of UN-R155 Cybersecurity Regulations Annex.5

3-1-1. Assumed threats in UN-R155 Cybersecurity Regulations (Annex.5 Table-A)

3-1-2. Cybersecurity measures to prevent assumed threats (Annex.5 Table-B, C)

3-2. Explanation of Threat Analysis / Vulnerability Analysis Case Studies

3-2-1. Case study of threat analysis (Attack Tree Analysis) in the concept phase

3-2-2. Case study of vulnerability analysis (STRIDE) in the product development phase

3-3. Risk Assessment Case Studies in the Concept Phase

3-3-1. Purpose of cybersecurity risk assessment (concept phase)

3-3-2. Case study of risk assessment for threat analysis results

3-3-3. Case study of security measures to prevent threat scenarios

3-4. Risk Assessment Case Studies in the Product Development Phase

3-4-1. Purpose of cybersecurity risk assessment (product development phase)

3-4-2. Case study of risk assessment for vulnerability analysis results

3-4-3. Case study of security measures to close identified vulnerabilities

[Q&A]

About AndTech Co., Ltd.

────────────

We provide R&D support services that offer information to clients responsible for R&D in a wide range of fields, including chemistry, materials, electronics, automobiles, energy, medical devices, food packaging, and building materials.

Our company has a team of top-class lecturers and offers various services, starting with "technical training courses and seminars," followed by "lecturer dispatch," "publishing," "consultant dispatch," "market trend research," "business matching," and "business development consulting."

We listen to our clients' voices and provide effective support to help them enter desired new business areas and markets.

https://andtech.co.jp/

AndTech Co., Ltd. Technical Training Course List

─────────────────

We hold numerous WEB lecture seminars by top-class lecturers every month.

https://andtech.co.jp/seminars/search

AndTech Co., Ltd. Book List

──────────────

We select highly demanded themes from a carefully chosen list and publish books.

https://andtech.co.jp/books

AndTech Co., Ltd. Consulting Services

─────────────────────

We dispatch highly specialized technical consultants with extensive experience.

https://andtech.co.jp/business-consulting

Contact regarding this matter

─────────────

AndTech Co., Ltd. Public Relations 담당 青