ISO/SAE 21434:2021 – Road vehicles – Cybersecurity engineering
Page Information
Contents
ISO/SAE 21434:2021 – Road vehicles – Cybersecurity engineering
Introduction of ISO/SAE 21434:2021
Due to the recent rapid spread of electric vehicles, the development of autonomous driving, and the increasingly accelerated electronification of vehicles, the importance of cybersecurity related to vehicles is increasingly emerging. This means that as information media and vehicles, such as software and iOTs, are increasingly closely related, there is an increased risk of leakage of various information from vehicles and owners. This information includes the personal information of the vehicle and the owner, location information, call details or GPS destinations, and important data related to the vehicle's software and vehicle control system. International regulations and restrictions are rapidly evolving to guard against these security threats, and the ISO/SAE 21434:2021 standard has been prepared to address them. ISO/SAE 21434:2021 is the leading standardization of automotive cybersecurity and is the international standard certification of cybersecurity risk management over the entire vehicle life cycle, from the concept of electronic and electrical systems to product development, manufacturing, operation, maintenance, and disposal.
< ISO/SAE 21434:2021 >
Necessity of ISO/SAE 21434:2021
- • Respond quickly to various regulations related to vehicle security systems
- • Increased service reliability when providing security services for vehicles, such as presenting security solutions or providing security solution consulting
- • Proof that objective and authorized security assessments have been made
- • Operate your system efficiently
- • Cost savings associated with security technology
< ISO/SAE 21434:2021 >
ISO/SAE 21434:2021 Main Target
- • Car manufacturer vendor (delivery contractor)
- • Manufacturer of vehicle electrical equipment
- • Manufacturers of vehicles and external connections such as GPS and IOTs
- • Manufacturer of aftermarket products for vehicles
- • Manufacturers of maintenance equipment such as scanning equipment that allows connecting vehicle OBD terminals and access to ECU
- • Application developers that can connect and control vehicles
ISO/SAE 21434:2021 Requirements
- Scope
- Normative references
- Terms, definitions, and abbreviated terms
- General consideration
- Organizational cybersecurity management
- Project dependent cybersecurity management
- Distributed cybersecurity activities
- Continual cybersecurity activities
- Concept
- Product development
- Cybersecurity validation
- Production
- Operations and maintenance
- End of cybersecurity support and decommissioning
- Treat analysis and risk assessment methods
- Annex A Summary of cybersecurity activities and work product
- Annex B Examples of cybersecurity culture
- Annex C Example of cybersecurity interface agreement template
- Annex D Cybersecurity relevance – example methods and criteria
- Annex E Cybersecurity assurance levels
- Annex F Guidelines for impact rating
- Annex G Guidelines for attack feasibility rating
- Annex H Examples of application of TARA methods – headlamp system
If you have any questions, please contact us at the following email address.
E-mail: info@igcert.org
- PreviousFood Loss and Waste (FSSC 22000 Version 6) 23.12.21
- NextFDA GRAS Notification 23.11.06
Comment list
There are no registered comments.