ISO/SAE 21434 and UNECE WP.29
The development of automobiles is characterized by 3 major trends: digitalization, networking, and the development of autonomous vehicles. While safety processes are established and mature, each of these three trends imposes the need for rich cybersecurity processes.
Several automotive security standards and norms are currently being created. From 2020 and 2021, they will become relevant for all modern OEMs and suppliers. Particularly relevant standards will be ISO/SAE 21434 (Road vehicles – Cybersecurity Engineering) and UNECE WP.29 (Regulation on Cybersecurity).
ISO/SAE 21434 is being developed in cooperation between ISO and SAE and thus has a broad international basis.
ISO/SAE 21434 (Road vehicles – Cybersecurity Engineering) pursues several objectives. In particular, for the automotive industry the standard is intended to
- create a uniform terminology for cybersecurity engineering
- define minimum requirements for processes and activities in cybersecurity engineering
- promote cooperation between the parties involved in the value chain
- and thus overall describe the “state of the art” of cybersecurity engineering.
The ISO/SAE Joint Working Group (JWG) is divided into individual project groups (PG) dealing with the topics “Risk Management”, “Product Development”, “Operations and Maintenance” and “Overview and Interdependencies”.
ISO/SAE 21434 shall be applied to vehicles and their subsystems, components, connections and data. Hardware and software are considered. The aim is to establish a structured process for all participants in the value-added process and to firmly anchor the topic of security in the design process.
The standard does not specify explicit recommendations for encryption technologies or other concrete implementation approaches.
Motivated by the goal of establishing “Security by Design”, the Security Risk Analysis fulfills a special role in ISO/SAE 21434 by determining security risk levels at the level of the vehicle and its individual components. The manufacturer has to prove that appropriate risk levels are achieved.
(The Draft International Standard (DIS) of ISO/SAE 21434 is expected to be published in early 2020, with final publication of the standard a few months later.)
The Inland Transport Committee (ITC) of the United Nations Economic Commission for Europe (UNECE) aims to establish a uniform regulatory system to facilitate international trade. In this context, WP.29 deals with aspects of vehicle safety, environmental protection, energy efficiency and theft prevention.
In contrast to ISO/SAE 21434, compliance with the requirements of UNECE WP.29 is mandatory for vehicle manufacturers and a prerequisite for the international approval of vehicles in the context of type approval.
The Working Party for Automated/Autonomous and Connected Vehicles (GRVA) deals specifically with the aspect of “Cybersecurity and Software Updates” in the sub-area of “Safety and Security of Vehicle Automation and Connectivity”.
The need for threat analysis arises not only from cybersecurity, but also from the security aspects of data protection and software updates. Mitigation principles can be derived from the threat analysis, and these then become the basis for cybersecurity recommendations.
For the Cybersecurity Assessment, the GRVA proposes 2 levels: the level of organizational structures and processes (Cybersecurity Management System Requirements) and the level of vehicle architecture design, including risk assessment and implementation of countermeasures (Vehicle Requirements).
The new Cybersecurity Regulations of UNECE WP.29 are expected to come into force in early/mid-2020. Complying with them will be mandatory after a transition phase of 6 months.
UNECE WP.29 does not prescribe a concrete process instruction or vehicle architecture specification. However, it refers to ISO/SAE 21434 as one possible option.
This closes the circle between ISO/SAE 21434 and UNECE WP.29. The importance of both standards in the context of future vehicle approvals becomes clear.
The bottom line for the automotive industry is therefore: anyone who still wants to register vehicles in 2021 or be part of the supply chain for vehicle components must comply with ISO/SAE 21434 and UNECE WP.29.
A particular challenge arises from the fact that both the necessary processes and management systems, as well as the demands on the vehicle, affect the entire life cycle of the vehicle. In the field of safety, market players have succeeded in doing this in the past, but the processes and tools there have been established for 20 years or more. For security, however, only 1-2 years remain to implement the corresponding requirements.
The highly dynamic nature of the security domain poses even greater challenges for the participants compared to safety. Adjustments of the systems in the life cycle will be the rule and no longer the exception. Processes and tools must be prepared for these dynamics.
For security risk analysis and documentation, which are central to ISO/SAE 21434 and UNECE WP.29, a model-based approach is recommended. In this way, the effects of changes over time, including all dependencies (tracing and impact analysis), can be analyzed and documented automatically.