ISO 21434 Automotive Cybersecurity

True safety encompasses cybersecurity

Get Started Today!

Without Cybersecurity You Do Not Have Safety

Autonomy is driving the connected vehicle. With that connectivity comes cybersecurity threats. These threats are above and beyond what you will handle in FS. The standards are evolving, so there is no one size fits all.

All connected products and organizations need to be customized to the latest cybersecurity standards. You need to assess the standards that are being published.

SAE J3061
ISO 21434
IoT Cybersecurity foundation standards
IT standards for security
UNECE

You need a person who will understand where these standards intersect and need to live within your lifecycle.

The ultimate goal is to reduce your risk.

Cybersecurity Work Packages

Cybersecurity Risk Assessment

Input: The features, processes, and assets that encompass the entire ecosystem of the project.
Output: A Cybersecurity Risk Assessment output that is tailored to the impact area prioritization of your business that ranks the vulnerabilities in descending order of severity with mitigation plans.

Security Processes

Input: Standards, Regulations and Best Practices for your industry, business needs.
Output: A Cyber Security Management System (CSMS) that provides structure to secure Continuous Integration/Continuous Delivery (CI/CD) process implementation that is tailored to your needs.

Security Tool Selection & Qualification

Input: Security implementation plan, current development toolchain, existing design portfolio, product line roadmap, business needs and constraints.
Output: A software composition analysis tool that can integrate with existing toolchains that align with overall goals and engineering workflows.

Cybersecurity Training

Input: Mapping of existing skills related to business needs, product line roadmap and ecosystem.
Output: Training on security related processes, tools, device processor security features to close the gaps and accelerate the development team.

Security Architecture & Product Development

Input: Business needs and stakeholder/product requirements.
Output: Cybersecurity architecture, design, development, and engineering from concept to production and post-production (i.e. Threat Analysis and Risk Assessment (TARA), and Mitigation Controls) for OEM and suppliers.

Cybersecurity Project Management

Input: Assessment, Work Scope, Project Management.
Output: Schedules, budget, plans to achieve Cyber Security Compliance such as ISO 21434, NIST Cybersecurity Framework, and IEC 62443 for example.

Cybersecurity Standards Compliance

Input: Applicable cybersecurity standards and product roadmaps, including ISO 21434, IEC 62443, NIST Cybersecurity Framework, UNECE Regulation 155, 156, and ISO PAS 5112 to name a few.
Output: Cybersecurity analysis report and compliance implementation plan.

Security Verification & Validation

Input: Systems, subsystems, components, software, hardware requirements, and business processes and tools.
Output: Cybersecurity verification and validation of systems, including the development of test scripts and associated hardware, and processes documentation for OEM and suppliers.

Cybersecurity Analysis

Input: Product requirements and design.
Output: Cybersecurity analysis from concept to production and post-production (i.e. TARA, Risk Assessments, Trusted Suppliers).

Free eBook Download

The Fundamentals of Automotive Cybersecurity

eBook - Auto CySe - Mockup - VP-2

Resolving the additional risks posed on transportation systems given the connectivity, communications, and complexity of the industry is paramount to achieving overall trustworthiness.

Safety + Security = Trust