Author: Konstantina Tsakiri
Edited by: Aikaterini Kokoliou, Kristina Livitckaia
In the era of Connected and Autonomous Vehicles (CAVs), which could be considered a tempting target for cyber-attacks, vulnerabilities should be thoroughly considered and analyzed in the design of the vehicles and of their supporting systems and components. The ISO/SAE 21434 "Road vehicles – cybersecurity engineering" standard is expected to answer the need for automotive cybersecurity. However, it is still under development and currently has Draft International Standard (DIS) status. Despite the existence of safety norms for road vehicles (ISO 26262 and SAE J3061), the cybersecurity field is still not completely covered. The Society of Automotive Engineers (SAE) and the International Organization for Standardization (ISO) have started cooperating to develop a common standard that follows the state of the art in cybersecurity engineering. In addition, 82 companies, including Original Equipment Manufacturers (OEMs), Electronic Control Unit (ECU) suppliers, cybersecurity companies, and governing organizations, are actively working on this standard.
This standard, still in progress, is a baseline for automotive product developers, OEMs, and their suppliers to build a comprehensive approach to securing CAVs, providing means to react to cybersecurity threats. Its contribution to the Internet of Vehicles (IoV) domain is a set of cybersecurity activities and processes for all phases of a vehicle's lifecycle, including design, engineering, production, operation, and maintenance. More specifically, its main purpose is to define a consistent cybersecurity engineering framework that includes specific requirements for software development. In addition, one significant feature of the standard is that it establishes common terminology for the whole supply chain, which highlights the advantage of having a global standard for automotive cybersecurity.
In particular, the ISO/SAE framework includes:
- Management of cybersecurity
- Risk assessment methods
- Determining the exposure to cybersecurity risks in the concept phase
- Implementing and verifying cybersecurity requirements during the development phase
- Continuing activities, i.e., vulnerability management
- Incident response plan
Some of the items mentioned above are inherited from existing automotive standards concerning functional safety. To begin with, the methodology and the secure development process are based on ISO 26262, which has a design similar to that of ISO/SAE 21434; both follow the V-model (see Figure 1). The V-model visualizes the iterative security design process. Security aspects need to be considered during all phases, including requirements engineering, design, specification, implementation, testing, and operations.
Figure 1: ISO/SAE 21434 follows the V-model
In addition, ISO/SAE 21434 gains further relevance as it is a recommendation from the United Nations Economic Commission for Europe (UNECE) WP.29 (Working Party of the Inland Transport Committee (ITC) on the regulation on cybersecurity). The WP.29 regulation and the ISO/SAE standard are complementary and have the same goal and requirements to secure CAVs. However, there are some differences between the two. The regulation is legally binding within all countries that participate in it, known as the contracting parties. The standard will be widely accepted in the automotive industry, but it will not be legally binding. Additionally, the regulation is very particular in specific areas. For instance, it provides a comprehensive list of threats that serve as a baseline for assessing whether a vehicle and the connected services are secure. ISO/SAE 21434, on the other hand, has an exhaustive procedure for threat assessment, risk analysis, and cybersecurity management in general.
To conclude, the purpose of this norm is to ensure that OEMs and everyone participating in the supply chain deploy a "Security by design" process, not only for road vehicles but also for their components. DIS ISO/SAE 21434 is also considered during the development of nIoVe components as a source of best practices for secure software development and the corresponding response plan. When the standard is officially released as a state-of-the-art automotive cybersecurity standard, it should be considered in detail by every party working in this field in order to improve the protection of CAVs and take it a step further.