Increases the possibility of external attacks due to the expansion of the connectivity of the vehicle
There is a limitation in applying the existing international standard for functional safety to the cybersecurity area equally ((not all security critical systems are safety critical systems, and even if they fail, there are security critical systems that do not affect safety)
Defining automotive-specific cybersecurity terminology, establishing cybersecurity goals, and establishing requirements and guidelines
▶ Goal
Covers the cybersecurity perspective of automotive electrical and electronic system engineering
Define cybersecurity processes and activities and minimum requirements for automotive cybersecurity assessment
Establishing state-of-the-art cybersecurity engineering procedures applicable to the automotive industry
Establishment of electrical and electronic engineering plans to prepare for various attack techniques and new attack technologies through a risk-based approach
In addition, to ensure rigor and legal certainty to be referred to in legislation, ref. UNECE WP29 Cybersecurity regulation
▶ Main Principle
Road Vehicles Applied
Development of safe vehicle systems based on reasonable procedures
Automakers and parts makers must show “due diligence”
Focus on automotive cybersecurity engineering
Must be based on the latest technology in cybersecurity
Risk-Based Approach
-Prioritized according to risk level
-Risk analysis for cybersecurity requirements
Establishment of cyber security management system (management system)
Cybersecurity activities and processes across the entire vehicle lifecycle:
-Design, development, production, operation, maintenance, maintenance and disposal of vehicles
▶ Applied Area
Road car Electrical and electronic systems
hardware and software components,
interfaces System connected (connected) to external equipment/network
▶The following are not covered
Specific cybersecurity techniques and solutions
Requirements for specific improvement methods
Requirements for communication systems
Requirements for specific telecommunication services and their providers
Requirements for charging electric vehicles Specific requirements for autonomous vehicle technology