The company will adopt the standards for its INTEGRITY RTOS and associated products and services.
The new security standards allow the design and deployment of secure, software-defined systems in connected vehicles, including highly automated driving, high performance compute clusters, domain controllers, vehicle gateways, telematics, keyless entry, diagnostic connections and electric vehicle charging stations.
Green Hills is collaborating with customers and adopting cybersecurity assessment policies for:
• A draft of the ISO/SAE 21434 “Road vehicles – Cybersecurity engineering” standard was recently published by SAE International and ISO (Organization for Standardization). The standard is a baseline for vehicle manufacturers and suppliers to help ensure cybersecurity risks are managed effectively from both a product lifecycle and organizational perspective from conceptall the way through to decommissioning.
• The WP.29 regulations from the United Nations Economic Commission for Europe (UNECE). These new regulations make OEMs responsible for cybersecurity mitigation in four cybersecurity areas over the entire vehicle lifecycle: managing cyber risks; securing vehicles by design; detecting and responding to security incidents; and providing safe and secure OTA software updates. WP.29 defines concrete examples of threats and mitigations, but OEMs are able to choose how they can show that threats are addressed. This could include complying with ISO/SAE 21434. The regulation should be finalized in early 2021 and will be applied initially in many member nations including European nations, South Korea, UK, and Japan. The standard will also likely influence vehicle homologation polices in the US, Canada and China.
WP.29 will be legally binding within adopting countries, and while the ISO/SAE 21434 standard is not a regulation, it is expected to be widely accepted in the global industry like ISO 26262 is today.
“Connected cars bring significant risks and rewards to OEMs and their suppliers,” said Chris Rommel, Executive Vice President, IoT & Industrial Technology at VDC Research. “Green Hills has earned a high stature in the industry for supplying security-critical foundational software to companies building life-critical systems like aircraft avionics, vehicle ADAS and medical equipment, and its support of these new cybersecurity standards is noteworthy.”
“ISO/SAE 21434 and WP.29 are valuable additional steps towards protecting connected vehicles from cybersecurity vulnerabilities,” said Dan Mender, VP of Business Development at Green Hills Software. “Green Hills has decades of experience developing and delivering security-certified technologies at the highest levels. Adopting these standards expands our offerings to global automotive OEMs and their suppliers bringing the industry’s leading secure software run-time environment to next-generation connected vehicle electronics.”