The new cybersecurity standard for automotive applications aims to protect connected vehicles from malicious cyber attacks. The standard encourages vehicle manufacturers (OEMs) and their supply chains to implement a security-by-design approach for their components, servers and processes. This reduces the risk of vulnerability to cyber-attacks throughout the vehicle lifecycle: from the initial concept and design phase to end-of-life.
From July 2022, OEMs launching new vehicle types in Europe, Japan and Korea – these markets account for more than a third of global vehicle production – will have to comply with the R155 automotive cybersecurity directive. Other regions are expected to follow suit.
The ISO/SAE 21434 standard supports the implementation of the R155 requirements in companies along the entire supply chain. In particular, the approach of “security by design” is cast into concrete structures and processes. NXP’s ISO/SAE 21434 certification helps OEMs meet the requirements of the UN ECE R155 regulation. This United Nations specification defines basic requirements for the security of vehicles against cyber attacks.
Connected vehicles inevitably communicate with other systems, for example with a smart city infrastructure and with the cloud. If the vehicle’s electronic systems are left unsecured, they could be compromised by attackers. Robust security measures are essential to prevent attacks and protect the vehicle, its systems and the back-end networks that power the vehicles from cyber-attacks.
NXP leverages its long-standing expertise in security to meet the needs of the automotive industry. NXP’s existing policies and processes have been refined and expanded to fully meet the requirements of the new ISO/SAE 21434 standard.
The assessment and certification was carried out by TÜV SÜD. This service provider audited NXP’s organisation as well as the company’s own policies and processes for compliance with the new ISO/SAE 21434 standard. “With an increasing number of connected vehicles and technologies, the issue of security is coming to the fore,” says Claudio Gregorio, Department Manager Functional Safety and Cybersecurity at TÜV SÜD. “Certification facilitates the security-by-design approach, increases trustworthiness and reduces complexity in the complex automotive supply chain.”