New standards will require the industry’s largest organisations to reshape how they address cyber security moving forward, writes Freddie Holmes.
Modern vehicles are often described as computers on wheels owing to their various electronic control units and software-based features. While the importance of vehicle cyber security has grown in recent years, it remains a relatively new and complex challenge for automakers.
A number of best practice dockets and advice sheets have been released over the years, encouraging developers to adopt certain tools or measures during the development process. These have been useful guides, but automotive cyber security is now being formally regulated. Alongside various technology requirements, upcoming standards also mean that automakers and suppliers must make cyber security a top priority.
Expected in the second half of 2021, the upcoming ISO/SAE 21434 standard aims to ensure that vehicles are secure throughout their lifecycle, with a particular focus on risk management. It also makes specific reference to the need for a strong cyber security culture at an organisational level. The standard is expected to spur a number of organisational changes for automakers, suppliers and product developers in the sector.
Dr Dennis Kengo Oka, Principal Automotive Security Strategist at global software company Synopsys, says the introduction of ISO/SAE 21434 will impact not only how businesses operate, but also the way employees think about cyber security on a day-to-day basis. “Organisations will have to change in order to meet these new requirements,” he affirms.