Is your vehicle secure enough? So, how can ISO/SAE 21434 provide the solution? With the current trend of connected vehicles to the external world Cybersecurity has also become a major challenge in the automotive field.
What is ISO/SAE 21434?
It is a standard that provides cybersecurity engineering guidelines. These are for all processes across different phases of a vehicle’s lifecycle.
This standard defines the requirements for the cybersecurity process. These requirements include risk management for road vehicles.
Together with their components and interfaces throughout engineering, production, operation, maintenance, and decommissioning.
The Imminent Dangers
Cars today are prone to cyber-attacks. This is due to the advent of networked and autonomous vehicles.
Many interfaces such as WLAN, Bluetooth, LTE, or USB, now integrate with vehicles. Thus, vehicles have become “networked computers on wheels”.
Cars now are vulnerable to hacking activities. If they’re within the range, modern vehicles will then connects to a network. Cybercriminals can take advantage to intercept and steal information.
Moreover, they can disrupt the car’s normal functions. And also, they can even attack users and endanger their lives.
How ISO/SAE 21434 Provides The Solution
This standard’s goal is to manage cybersecurity threats. Both for road vehicle’s electrical and electronic systems. The standard splits into several sections.
Cybersecurity Management
The goal is that cybersecurity will be a mandatory need. For across the organizations involved in the life cycle of road vehicles. This may include:
- defining objectives and a strategy through governance
- creating rules and processes to put in place a strategy
- applying continuous improvement
- performing audits
- managing interactions between processes, etc.
Risk Assessment Methods
It starts with identifying the assets. And followed by analyzing the associated threats via damage scenarios.
Also, it includes attack and vulnerability analysis. These will be the inputs to the risk calculation. Then, this will determine what treatment fits to address that risk.
Concept Phase
This phase determines the exposure to cybersecurity risks of a specific vehicle item. So, this may include tailoring cybersecurity activities. That is if the plan was to reuse that item later.
Product Development
This section guides specifying cybersecurity requirements for system hardware and software design. Also, this verifies that the system design and cybersecurity specification adapt to the concept.
Productions, Operations, And Maintenance
This section ensures that the produced item will meet the cybersecurity specifications.
Additionally, it defines cybersecurity monitoring requirements for gathering and reviewing relevant cybersecurity information.
Supporting Processes
This section details operational management systems to support cybersecurity activities. In addition, it will define the interactions, dependencies, and responsibilities between customers and suppliers.
And, also it will be an evidence that the tools used during the lifecycle do not affect cybersecurity.
The Conclusion
The benefits of this standard are clear. ISO/SAE 21434 is no doubt important. It will become well-defined to ensure cybersecurity impact on the vehicle.
ISO/SAE 21434 intends to guide the automotive industry. As it adopts more secure online and offline practices to ensure the safety of its users.
Therefore, this means that the produced product will become less prone to cyber-attacks. And also, not a threat to human life.