ISO publishes connected cars standard

International standards organisation, ISO, has today published a standard addressing the cyber security of electrical and electronic systems in road vehicles.

ISO/SAE 21434, Road vehicles – Cybersecurity Engineering has been designed to help manufacturers stay abreast of changing technologies and cyber attack methods, and defines the vocabulary, objectives, requirements and guidelines related to cyber security engineering for a common understanding throughout the supply chain.

The standard, developed in collaboration with SAE International, draws on the recommendations detailed in SAE J3061, Cybersecurity Guidebook for Cyber Physical Vehicle Systems.

Dr Gido Scharfenberger-Fabian, convenor of the group of ISO experts that developed the standard, said it will enable organisations to define cyber security policies and processes, manage cyber security risk and foster a cyber security culture.

“ISO/SAE 21434 will help consider cybersecurity issues at every stage of the development process and in the field, increasing the vehicle’s own cybersecurity defences and mitigating the risk of potential vulnerabilities for every component,” he said.

“What’s more, the framework provided in this standard will enhance the collaboration on cybersecurity within the industry and thereby lead to technology and solutions that better meet today’s and tomorrow’s cybersecurity challenges.”

Jack Pokrzywa, director of global ground vehicle standards at SAE International, added: “We are pleased to see the fruits of this unique collaborative partnership between SAE and ISO. We see this standard as a critical tool in the arsenal of cybersecurity professionals and product developers around the globe.”

    Share Story:


Cyber risk in the transportation industry
The connected nature of the transport and logistics industries makes them an attractive target for hackers, with potentially disruptive and costly consequences. Between June 2020 and June 2021, the transportation industry saw an 186% increase in weekly ransomware attacks. At the same time, regulations and cyber security standards are lacking – creating weak postures across the board. This podcast explores the key risks. Published April 2022.

Political risk: A fresh perspective
CIR’s editor, Deborah Ritchie speaks with head of PCS at Verisk, Tom Johansmeyer about the confluence of political, nat cat and pandemic risks in a world that is becoming an increasingly risky place in which to do business. Published February 2022.