What is this solution pack about?
As the vehicle becomes more and more connected so does the need for the vehicle to be safe and secure. Cybersecurity, within the context of road vehicles, is the protection of automotive electrical/electronic systems, communication networks, control algorithms, software, users, and underlying data from malicious attacks.
The solution pack can be used for internal audits (first party), for audits conducted by organizations on their external parties (second party) and for external audits conducted by third parties (e.g. for the purpose of certification). The solution pack can also provide guidance for those involved in auditor training or personnel certification to meet BS ISO/SAE 21434 Road vehicles – Cybersecurity engineering and compliance with UNECE Regulation 155 (R 155).
The solution pack is to help the automotive industry and supply chain meet the UNECE Regulation 155 (R 155), which covers the provisions for vehicle cybersecurity and cybersecurity management systems. The UK Vehicle Certification Agency have stated that the UNECE Regulation 155 (R 155) is closely aligned with the requirements within BS ISO 21434.
The solution pack contains:
- BS ISO/SAE 21434 Road vehicles. Cybersecurity engineering
- PD ISO/PAS 5112 Road vehicles. Guidelines for auditing cybersecurity engineering
- BS ISO 26262-3 Road vehicles. Functional safety. Concept phase
- BS EN ISO 19011 Guidelines for auditing management systems
You can also download the Interpretation Document of UN Regulation No. 155 which can support this Cybersecurity Auditing solution pack.
Who is this solution pack for?
This solution pack brings together all the standards in support for the organizations involved in automotive cybersecurity engineering in any part of the automotive supply chain. It demonstrates a route to conforming to regulations and for organizations needing to conduct audits.
Vehicle manufacturers, tier one suppliers of electrical and electronic components which serves a primary function to connect the vehicle to the internet and other localised roadside infrastructure. These companies and the staff who are the designers and engineers to retailers and senior level executives, need to understand how to implement and maintain the security of vehicles and associated systems.
Why should you use this solution pack?
The V2V and V2I communication. These technology advances bring with them new security issues and subsequently reports of security flaws and hacks that are becoming part of our daily news feeds. The impact of malicious security attacks that go beyond data or vehicle theft and have the capability to cause significant damage, loss of life and impact to a company's reputation.
With the increasing reliance on automated driving quickly accelerating, the industry is facing a changing landscape when it comes to automotive safety - particularly against the backdrop of standards such as BS ISO 26262 Functional Safety, PD ISO/PAS 21448 Safety of the Intended Functionality (SOTIF) and PAS 1880.
More and more customers of road vehicles have moved away from the performance of the vehicle, notably acceleration of the vehicle, now more important is the safety and security. This has been evident in the vehicle manufacturer marketing the Euro NCAP have stated that if these systems are easily attacked it can undermine the safety and trust in Euro NCAP rating.
Undertaking regular audits of your management system for automotive cybersecurity is likely to reduce the risk from malicious attack by cyber criminals.