ISO/SAE 21434 is an international cybersecurity standard for the automotive industry developed by the International Organization for Standardization (ISO) and the Society of Automotive Engineers (SAE). The standard was specifically developed to meet the growing challenges of vehicle security in an increasingly connected and digitalized world.
ISO/SAE 21434 covers all aspects of vehicle security related to cyber threats and risks. This includes vehicle hardware and software components as well as associated processes and services. The standard is aimed at all stakeholders in the automotive industry, including manufacturers, suppliers, service providers and regulators.
ISO/SAE 21434 was created in response to the increasing number of cyberattacks on vehicles and their increasingly complex and interconnected nature and the E/E (electrical/electronic systems) embedded in vehicles. The development of the standard brought together experts from various fields such as automotive, cybersecurity, electronics and regulation to create a comprehensive and practical guide to automotive cybersecurity.
ISO/SAE 21434 was first published in 2021 and has been in use in this version ever since. The standard has played an important role in the automotive industry. Its publication marks a milestone in efforts to improve vehicle cybersecurity and prepare the industry for the growing challenges posed by cyber threats.
The value of ISO/SAE 21434 is to provide a common framework for assessing, managing and improving automotive cybersecurity. By implementing the standard, automakers and suppliers can ensure that their vehicles are adequately protected against cyberattacks and that passenger safety and the integrity of vehicle functions are guaranteed. In addition, ISO/SAE 21434 helps build consumer confidence in the security of connected vehicles and meet vehicle security requirements. Overall, ISO/SAE 21434 provides a framework for a proactive and comprehensive approach to cybersecurity in the automotive industry, ultimately helping to improve vehicle security and reliability.
UNECE Regulation 155 (UNECE R155 for short) of the United Nations Economic Commission for Europe is a set of regulations on vehicle cybersecurity.
It sets out requirements and procedures to ensure vehicle cybersecurity and minimize the risks associated with cyberattacks. Although ISO/SAE 21434 is not a direct part of UNECE Regulation 155, there is a connection between the two.
ISO/SAE 21434 represents the international standard for automotive cybersecurity, while UNECE Regulation 155 sets out specific UN requirements and regulations.
Some manufacturers and regulators use ISO/SAE 21434 requirements as a basis or refer to them when implementing UNECE R155. In this sense, the two standards can be considered complementary, as ISO/SAE 21434 provides a general framework and guidelines for vehicle cybersecurity, while UNECE Regulation 155 sets out specific legal requirements for certain regions and markets.
Thus, although ISO/SAE 21434 is not legally binding as an international standard, UNECE Regulation 155 is for the homologation of vehicles, which creates an indirection in the mandatory application of ISO/SAE 21434.
At Melster Consulting GmbH, we understand the increasing importance of cybersecurity in the automotive industry. Our team of experts offers comprehensive consulting services to ensure your vehicle development is safety compliant. From analyzing security risks to implementing effective security measures, we are your reliable partner.
Find out more about how Melster Consulting GmbH can help you meet the challenges of automotive cybersecurity. Together, we are shaping a future in which connected vehicles are safe and secure on the roads.