Safety has always been one of the core pursuits for the sustained development of the automotive industry. The rapid development of intelligent transportation systems and vehicle cybersecurity technology also brings an increase in vehicle interfaces. As a consequence, the chances for network attacks also increase, bringing risks such as personal safety hazards and property damage.
The International Organization for Standardization (ISO) and the Society of Automotive Engineers (SAE) jointly drafted and published the ISO 21434 standard (full name ISO/SAE 21434 Road Vehicles - Automotive Cybersecurity Engineering) to further improve safety regulations in this area, creating a set of international standards for vehicle cybersecurity.
In this article, our Applus+ Laboratories experts showcase in-depth insight about the ISO 21434, interpreting how car companies can improve their cybersecurity level within its framework.
The main features of ISO 21434 are reflected in the following aspects:
The standard document of ISO 21434 proposes the methodology for vehicle information security risk evaluation - TARA, which includes steps such as asset identification, threat scenario identification, impact analysis, attack path analysis, attack feasibility rating, risk level evaluation, and risk handling measures. Experts from Applus+ Laboratories can provide certification support to automotive companies through TARA and penetration testing, helping to ensure the safety of automotive components and systems.
In addition, Applus+ Laboratories, as an independent certification laboratory, can provide cybersecurity evaluations of certification schemes for some vehicle components, such as GSMA (for eSIM), wireless power consumption (for wireless QI chargers), general standards or SESIP (for safety critical components such as V2X HSM), etc. When there are no mandatory requirements, Applus+ Laboratories can also provide independent cybersecurity evaluations to ensure network recovery capabilities.
Now, ISO 21434 is an important reference document for government regulation, industry guidance, and enterprise internal control in the field of automotive information security. It establishes comprehensive requirements for information security of road vehicles, their components, and interfaces, helping automotive companies achieve their vehicle information security management goals.
Always ready to meet upcoming industry advances, Applus+ Laboratories will continue to focus on the latest standards and provide professional services to ensure the cybersecurity of automotive systems and components.
Applus+ uses first-party and third-party cookies for analytical purposes and to show you personalized advertising based on a profile drawn up based on your browsing habits (eg. visited websites). Click HERE for more information. You can accept all cookies by pressing the "Accept" button or configure or reject their use by clicking here.
They allow the operation of the website, loading media content and its security. See the cookies we store in our Cookies Policy
They allow us to know how you interact with the website, the number of visits in the different sections and to create statistics to improve our business practices. See the cookies we store in our Cookies Policy