The security standard defines the guidelines, objectives, and requirements for implementing a solid cyber-security culture and supports the implementation of UN R155 across organizations throughout the supply chain. As a result, the standard helps OEMs and their suppliers stay on top of changing technologies and the latest cyber-attack methods.
While this was much-needed in the automotive industry, the timeline for the implementation of UNR155 (set to roll out worldwide from July 2022 onward) and adoption of the ISO/SAE 21434 brings to the surface a number of challenges. According to experts in the industry, compliance to the ISO 21434 standard requires fundamental awareness of cybersecurity which is holistic in nature. This involves adopting a view of how cybersecurity considerations can be included in all processes (both technical and non-technical) on an organizational level, a gap that is yet to be bridged. Further, according to a leading industry semiconductor manufacturer, the rather open nature of the standard means that companies are responsible for “finding their own truth.”
Based on years of experience reviewing, testing, and certifying secure devices and software across various industries, Riscure has created a dedicated Automotive Security Architect Program. This is a primer to automotive security aimed at management, decision-makers, and architects. In this interactive program, we introduce what security means for the automotive industry in the landscape of the new regulations and point out what the impact is on existing development processes. This training has been updated to reflect on the specifics of ISO/SAE 21434 as well as other automotive security standards. To learn more about our automotive security offer, visit this page.