Cybersecurity Throughout Vehicle Lifecycle | ISO/SAE 21434 and WP.29 CSMS

TEAM UPSTREAM

Ensuring vehicle cybersecurity across its lifecycle is required both by the WP.29 regulation and by the ISO/SAE standard. And doing that is actually a challenging task because it requires multiple players to collaborate across the vehicles’ lifetime, which is very long, and could be between 10 and 15 years.

So how do you do that?
Well, from our experience, there are a few methods that can help achieve this goal.

First is security by design: So, when you develop the vehicle, you need to apply TARA and have a secure development process, but you also need to make sure that meaningful telemetry is emitted, that will enable later detection in post-production, of existing and new cyber attacks. And, you also need to apply cybersecurity management on your supply chain.

Additionally, you need to have a centralized detection system for post-production. Such a detection system can collect logs from vehicles, communication channels, and backend systems, and this way, enables strong detection for a wide range of threats as listed in Annex 5 of the WP.29 regulation. And lastly, you need to have an automotive-specific threat feed.

Such a threat feed should be used by the OEM, the service providers, and the supply chain. And this can supply a good source of threats related to the vehicle and to the mobility service that can help the OEM, connectivity service provider, and the supply chain to create meaningful mitigations within a short period of time.

Newsletter Icon

Subscribe
to our newsletter

Stay up-to-date on the latest trends, emerging risks, and updates

PQD Shorts [#4] – Spot quality issues ahead of claims

More Details

PQD Shorts [#3] – Prioritize the most impactful quality issues with AI-enhanced insight

More Details

PQD Shorts [#2] – RCA using vehicle data with use case

More Details

PQD Shorts [#1] – OceanAI – talk to your data

More Details

프랑스어 요약 – 모빌리티와 IoT의 미래 보안 및 강화

업스트림은 커넥티드 카, IoT, 스마트 모빌리티 데이터의 잠재력을 극대화합니다. 업스트림의 데이터 관리 플랫폼은 진화하는 사이버 위험으로부터 모�

More Details

모빌리티 분야의 사이버 위협에 대한 정보

실행 가능한 수정 권장 사항에 뒷받침된 실행 가능한 장치별 분석을 통해 모빌리티 위협 환경에 대한 탁월한 가시성을 확보하세요.

More Details
Skip to content