Automotive Cybersecurity: ISO 21434, CSMS and S...
Christof Ebert and Ruschil Ray
Automotive Cybersecurity: ISO 21434, CSMS and SUMS
Automotive cybersecurity is a critical challenge for the entire automotive industry. With components and systems being interconnected, they invite external penetration. Security directly impacts functionality, user experience and functional safety, and thus has become subject to product liability. For instance, if manipulating a system yields an accident or harm, the cybersecurity process obviously was not sufficient.
Standards such as ISO 21434, but also UNECE R.155 (CSMS) and R.156 (SUMS) determine cybersecurity along the life cycle. OEMs and suppliers have to ensure an effective protection against manipulations of E/E systems, both in the vehicle as well as remote to the enterprise IT and cloud services. Key points are the systematic identification of security requirements towards security functions, and a security validation to demonstrate that the requirements have been met.
Based on our experiences at Vector and with cybersecurity consulting around the world, we will show typical challenges and best practices. We will show with concrete examples how these practices improve developing secure systems and how these activities can be performed efficiently in the automotive domain. We give guidance on the organizational design in the implementation of the standards. A case study on the efficient implementation of UNECE CSMS/SUMS with ISO 26262 and ISO 21434 completes the webinar.