on-imac

ISO 21434 Automotive Cybersecurity

True safety encompasses cybersecurity

 

Get Started Today!

CONTACT US
 

Without Cybersecurity You Do Not Have Safety

 

Autonomy is driving the connected vehicle. With that connectivity comes cybersecurity threats. These threats are above and beyond what you will handle in FS. The standards are evolving, so there is no one size fits all. 

All connected products and organizations need to be customized to the latest cybersecurity standards. You need to assess the standards that are being published. 

  • SAE J3061
  • ISO 21434
  • IoT Cybersecurity foundation standards 
  • IT standards for security

You need a person who will understand where these standards intersect and need to live within your lifecycle. 

The ultimate goal is to reduce your risk.

 

Cybersecurity Work Packages

Cybersecurity Risk Assessment

Cybersecurity Risk Assessment

  • Input: The features, processes, and assets that encompass the entire ecosystem of the project.
  • Output:  A Cybersecurity Risk Assessment output that is tailored to the impact area prioritization of your business that ranks the vulnerabilities in descending order of severity with mitigation plans.

Security Processes

Security Processes

  • Input: Standards, Regulations and Best Practices for your industry, business needs.
  • Output: A Cyber Security Management System (CSMS) that provides structure to secure Continuous Integration/Continuous Delivery (CI/CD) process implementation that is tailored to your needs.

Security Tool Selection & Qualification

Security Tool Selection & Qualification

  • Input: Security implementation plan, current development toolchain, existing design portfolio, product line roadmap, business needs and constraints.
  • Output: A software composition analysis tool that can integrate with existing toolchains that align with overall goals and engineering workflows.

Cybersecurity Training

Cybersecurity Training

  • Input: Mapping of existing skills related to business needs, product line roadmap and ecosystem.
  • Output: Training on security related processes, tools, device processor security features to close the gaps and accelerate the development team.

Security Architecture & Product Development

Security Architecture & Product Development

  • Input: Business needs and stakeholder/product requirements.
  • Output: Cybersecurity architecture, design, development, and engineering from concept to production and post-production (i.e. Threat Analysis and Risk Assessment (TARA), and Mitigation Controls) for OEM and suppliers.

Cybersecurity Project Management

Cybersecurity Project Management

  • Input: Assessment, Work Scope, Project Management.
  • Output: Schedules, budget, plans to achieve Cyber Security Compliance such as ISO 21434, NIST Cybersecurity Framework, and IEC 62443 for example.

Cybersecurity Standards Compliance

Cybersecurity Standards Compliance

  • Input: Applicable cybersecurity standards and product roadmaps, including ISO 21434, IEC 62443, NIST Cybersecurity Framework, UNECE Regulation 155, 156, and ISO PAS 5112 to name a few.
  • Output: Cybersecurity analysis report and compliance implementation plan.

Security Verification & Validation

Security Verification & Validation

  • Input: Systems, subsystems, components, software, hardware requirements, and business processes and tools.
  • Output: Cybersecurity verification and validation of systems, including the development of test scripts and associated hardware, and processes documentation for OEM and suppliers.

Cybersecurity Analysis

Cybersecurity Analysis

  • Input: Product requirements and design.
  • Output: Cybersecurity analysis from concept to production and post-production (i.e. TARA, Risk Assessments, Trusted Suppliers).

Free Download

Download the Latest Guide to Learn Why ISO 26262 Isn't Enough for a Safe Autonomous Vehicle 

ISO 26262 Not Enough


Download the Guide

 

Overview of illustration of intersection with cars and radars

Resolving the additional risks posed on transportation systems given the connectivity, communications, and complexity of the industry is paramount to achieving overall trustworthiness. 

Safety + Security = Trust

Get Started Today 

Need Guidance on How to Approach Cybersecurity Adoption? 

 

CONTACT US