Cybersecurity Throughout Vehicle Lifecycle | ISO/SAE 21434 and WP.29 CSMS

TEAM UPSTREAM

Ensuring vehicle cybersecurity across its lifecycle is required both by the WP.29 regulation and by the ISO/SAE standard. And doing that is actually a challenging task because it requires multiple players to collaborate across the vehicles’ lifetime, which is very long, and could be between 10 and 15 years.

So how do you do that?
Well, from our experience, there are a few methods that can help achieve this goal.

First is security by design: So, when you develop the vehicle, you need to apply TARA and have a secure development process, but you also need to make sure that meaningful telemetry is emitted, that will enable later detection in post-production, of existing and new cyber attacks. And, you also need to apply cybersecurity management on your supply chain.

Additionally, you need to have a centralized detection system for post-production. Such a detection system can collect logs from vehicles, communication channels, and backend systems, and this way, enables strong detection for a wide range of threats as listed in Annex 5 of the WP.29 regulation. And lastly, you need to have an automotive-specific threat feed.

Such a threat feed should be used by the OEM, the service providers, and the supply chain. And this can supply a good source of threats related to the vehicle and to the mobility service that can help the OEM, connectivity service provider, and the supply chain to create meaningful mitigations within a short period of time.

Newsletter Icon

Subscribe
to our newsletter

Sign up to receive updates delivered to your inbox

The high-impact automotive cyber security trends and incidents of H1-2022

This webinar will discuss three emerging cyber threats and their potential impact on end users, OEMs, and the entire smart mobility ecosystem.

More Details

H1’2022 Automotive Cyber Trend Report

This report offers extensive coverage and analysis of automotive-specific cyber incidents across all attack vectors and their impact on the wide ecosystem.

More Details

EV 充電所 拡大に向けて: EV充電所インフラ安全確保への課題

Delivering driver confidence with robust charging networks has created new opportunities for hackers to penetrate OEM and Tier-1 networks by tampering with charging station data.

More Details

The Leading Managed Vehicle SOC: Actively Protecting Millions of Vehicles for OEMs Worldwide

Protect automotive cybersecurity with an automotive-specific Vehicle Security Operations Center (VSOCs) to address the complexity of cyberattacks targeting OT networks, such as connected vehicles and&

More Details

Beyond Cyber: Upstream Puts Data in Motion

Automotive data in the cloud breaks silos, allowing teams to analyze information in the pursuit of identifying exciting new revenue opportunities.

More Details

2022 グローバルモビリティ サイバーセキュリティ報告書

2022 グローバルモビリティ サイバーセキュリティ報告書2022年版のサイバーセキュリティ報告書では過去10年に実際に 起こったサイバー攻撃の脅威を

More Details