ISO/SAE DIS 21434 Automotive Cybersecurity Standard - In a Nutshell

Georg Macher; Christoph Schmittner; Omar Veledar; Eugen Brenner

doi:10.1007/978-3-030-55583-2_9

ISO/SAE DIS 21434 Automotive Cybersecurity Standard - In a Nutshell

Georg Macher^*, Christoph Schmittner, Omar Veledar, Eugen Brenner

^*Corresponding author for this work

Institute of Technical Informatics (4480)

Research output: Chapter in Book/Report/Conference proceeding › Conference paper › peer-review

Abstract

A range of connected and automated vehicles is already available, which is intensifying the usage of connectivity features and information sharing for vehicle maintenance and traffic safety features. The resulting highly connected networking amplifies the attractiveness level for attacks on vehicles and connected infrastructure by hackers with different motivations. Hence, the newly introduced cybersecurity risks are attracting a range of mitigating strategies across the automotive field. The industry’s target is to design and deliver safe and secure connected and automated vehicles. Therefore, efforts are being poured into developing an industry standard capable of tackling automotive cybersecurity issues and protecting assets. The joint working group of the standardization organizations ISO and SAE have recently established and published a draft international specification of the “ISO/SAE DIS 21434 Road Vehicles - Cybersecurity Engineering” standard. This document delivers a review of the available draft. This work provides a position statement for discussion of available analysis methods and recommendations given in the standard. The aim is to provide a basis for industry experts and researchers for an initial review of the standard and consequently trigger discussions and suggestions of best practices and methods for application in the context of the standard.

Original language	English
Title of host publication	Computer Safety, Reliability, and Security. SAFECOMP 2020 Workshops - DECSoS 2020, DepDevOps 2020, USDAI 2020, and WAISE 2020, Proceedings
Editors	António Casimiro, Frank Ortmeier, Erwin Schoitsch, Friedemann Bitsch, Pedro Ferreira
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	123-135
Number of pages	13
ISBN (Print)	9783030555825
DOIs	https://doi.org/10.1007/978-3-030-55583-2_9
Publication status	Published - 1 Jan 2020
Event	39th International Conference on Computer Safety, Reliability and Security: SAFECOMP 2020 - Lisbon, Virtual, Portugal Duration: 15 Sept 2020 → 18 Sept 2020

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	12235 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	39th International Conference on Computer Safety, Reliability and Security
Abbreviated title	SAFECOMP 2020
Country/Territory	Portugal
City	Lisbon, Virtual
Period	15/09/20 → 18/09/20
Other	15th Workshop on Dependable Smart Embedded and Cyber-Physical Systems and Systems-of-Systems, DECSoS 2020, 1st International Workshop on Dependable Development-Operation Continuum Methods for Dependable Cyber-Physical Systems, DepDevOps 2020, 1st International Workshop on Underpinnings for Safe Distributed AI, USDAI 2020, and 3rd International Workshop on Artificial Intelligence Safety Engineering, WAISE 2020, held in conjunction with the 39th International Conference on Computer Safety, Reliability and Security, SAFECOMP 2020

Keywords

Automotive
ISO 21434
ISO 26262
Security analysis

ASJC Scopus subject areas

Theoretical Computer Science
General Computer Science

Access to Document

10.1007/978-3-030-55583-2_9

Cite this

Macher, G., Schmittner, C., Veledar, O., & Brenner, E. (2020). ISO/SAE DIS 21434 Automotive Cybersecurity Standard - In a Nutshell. In A. Casimiro, F. Ortmeier, E. Schoitsch, F. Bitsch, & P. Ferreira (Eds.), Computer Safety, Reliability, and Security. SAFECOMP 2020 Workshops - DECSoS 2020, DepDevOps 2020, USDAI 2020, and WAISE 2020, Proceedings (pp. 123-135). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 12235 LNCS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-030-55583-2_9

ISO/SAE DIS 21434 Automotive Cybersecurity Standard - In a Nutshell. / Macher, Georg; Schmittner, Christoph; Veledar, Omar et al.
Computer Safety, Reliability, and Security. SAFECOMP 2020 Workshops - DECSoS 2020, DepDevOps 2020, USDAI 2020, and WAISE 2020, Proceedings. ed. / António Casimiro; Frank Ortmeier; Erwin Schoitsch; Friedemann Bitsch; Pedro Ferreira. Springer Science and Business Media Deutschland GmbH, 2020. p. 123-135 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 12235 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference paper › peer-review

Macher, G, Schmittner, C, Veledar, O & Brenner, E 2020, ISO/SAE DIS 21434 Automotive Cybersecurity Standard - In a Nutshell. in A Casimiro, F Ortmeier, E Schoitsch, F Bitsch & P Ferreira (eds), Computer Safety, Reliability, and Security. SAFECOMP 2020 Workshops - DECSoS 2020, DepDevOps 2020, USDAI 2020, and WAISE 2020, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 12235 LNCS, Springer Science and Business Media Deutschland GmbH, pp. 123-135, 39th International Conference on Computer Safety, Reliability and Security, Lisbon, Virtual, Portugal, 15/09/20. https://doi.org/10.1007/978-3-030-55583-2_9

Macher G, Schmittner C, Veledar O, Brenner E. ISO/SAE DIS 21434 Automotive Cybersecurity Standard - In a Nutshell. In Casimiro A, Ortmeier F, Schoitsch E, Bitsch F, Ferreira P, editors, Computer Safety, Reliability, and Security. SAFECOMP 2020 Workshops - DECSoS 2020, DepDevOps 2020, USDAI 2020, and WAISE 2020, Proceedings. Springer Science and Business Media Deutschland GmbH. 2020. p. 123-135. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-55583-2_9

Macher, Georg ; Schmittner, Christoph ; Veledar, Omar et al. / ISO/SAE DIS 21434 Automotive Cybersecurity Standard - In a Nutshell. Computer Safety, Reliability, and Security. SAFECOMP 2020 Workshops - DECSoS 2020, DepDevOps 2020, USDAI 2020, and WAISE 2020, Proceedings. editor / António Casimiro ; Frank Ortmeier ; Erwin Schoitsch ; Friedemann Bitsch ; Pedro Ferreira. Springer Science and Business Media Deutschland GmbH, 2020. pp. 123-135 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{c9c899200644435892583ddff8d43fea,

title = "ISO/SAE DIS 21434 Automotive Cybersecurity Standard - In a Nutshell",

abstract = "A range of connected and automated vehicles is already available, which is intensifying the usage of connectivity features and information sharing for vehicle maintenance and traffic safety features. The resulting highly connected networking amplifies the attractiveness level for attacks on vehicles and connected infrastructure by hackers with different motivations. Hence, the newly introduced cybersecurity risks are attracting a range of mitigating strategies across the automotive field. The industry{\textquoteright}s target is to design and deliver safe and secure connected and automated vehicles. Therefore, efforts are being poured into developing an industry standard capable of tackling automotive cybersecurity issues and protecting assets. The joint working group of the standardization organizations ISO and SAE have recently established and published a draft international specification of the “ISO/SAE DIS 21434 Road Vehicles - Cybersecurity Engineering” standard. This document delivers a review of the available draft. This work provides a position statement for discussion of available analysis methods and recommendations given in the standard. The aim is to provide a basis for industry experts and researchers for an initial review of the standard and consequently trigger discussions and suggestions of best practices and methods for application in the context of the standard.",

keywords = "Automotive, ISO 21434, ISO 26262, Security analysis",

author = "Georg Macher and Christoph Schmittner and Omar Veledar and Eugen Brenner",

year = "2020",

month = jan,

day = "1",

doi = "10.1007/978-3-030-55583-2_9",

language = "English",

isbn = "9783030555825",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "123--135",

editor = "Ant{\'o}nio Casimiro and Frank Ortmeier and Erwin Schoitsch and Friedemann Bitsch and Pedro Ferreira",

booktitle = "Computer Safety, Reliability, and Security. SAFECOMP 2020 Workshops - DECSoS 2020, DepDevOps 2020, USDAI 2020, and WAISE 2020, Proceedings",

address = "Germany",

note = "39th International Conference on Computer Safety, Reliability and Security : SAFECOMP 2020, SAFECOMP 2020 ; Conference date: 15-09-2020 Through 18-09-2020",

}

TY - GEN

T1 - ISO/SAE DIS 21434 Automotive Cybersecurity Standard - In a Nutshell

AU - Macher, Georg

AU - Schmittner, Christoph

AU - Veledar, Omar

AU - Brenner, Eugen

PY - 2020/1/1

Y1 - 2020/1/1

N2 - A range of connected and automated vehicles is already available, which is intensifying the usage of connectivity features and information sharing for vehicle maintenance and traffic safety features. The resulting highly connected networking amplifies the attractiveness level for attacks on vehicles and connected infrastructure by hackers with different motivations. Hence, the newly introduced cybersecurity risks are attracting a range of mitigating strategies across the automotive field. The industry’s target is to design and deliver safe and secure connected and automated vehicles. Therefore, efforts are being poured into developing an industry standard capable of tackling automotive cybersecurity issues and protecting assets. The joint working group of the standardization organizations ISO and SAE have recently established and published a draft international specification of the “ISO/SAE DIS 21434 Road Vehicles - Cybersecurity Engineering” standard. This document delivers a review of the available draft. This work provides a position statement for discussion of available analysis methods and recommendations given in the standard. The aim is to provide a basis for industry experts and researchers for an initial review of the standard and consequently trigger discussions and suggestions of best practices and methods for application in the context of the standard.

AB - A range of connected and automated vehicles is already available, which is intensifying the usage of connectivity features and information sharing for vehicle maintenance and traffic safety features. The resulting highly connected networking amplifies the attractiveness level for attacks on vehicles and connected infrastructure by hackers with different motivations. Hence, the newly introduced cybersecurity risks are attracting a range of mitigating strategies across the automotive field. The industry’s target is to design and deliver safe and secure connected and automated vehicles. Therefore, efforts are being poured into developing an industry standard capable of tackling automotive cybersecurity issues and protecting assets. The joint working group of the standardization organizations ISO and SAE have recently established and published a draft international specification of the “ISO/SAE DIS 21434 Road Vehicles - Cybersecurity Engineering” standard. This document delivers a review of the available draft. This work provides a position statement for discussion of available analysis methods and recommendations given in the standard. The aim is to provide a basis for industry experts and researchers for an initial review of the standard and consequently trigger discussions and suggestions of best practices and methods for application in the context of the standard.

KW - Automotive

KW - ISO 21434

KW - ISO 26262

KW - Security analysis

UR - http://www.scopus.com/inward/record.url?scp=85096544383&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-55583-2_9

DO - 10.1007/978-3-030-55583-2_9

M3 - Conference paper

AN - SCOPUS:85096544383

SN - 9783030555825

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 123

EP - 135

BT - Computer Safety, Reliability, and Security. SAFECOMP 2020 Workshops - DECSoS 2020, DepDevOps 2020, USDAI 2020, and WAISE 2020, Proceedings

A2 - Casimiro, António

A2 - Ortmeier, Frank

A2 - Schoitsch, Erwin

A2 - Bitsch, Friedemann

A2 - Ferreira, Pedro

PB - Springer Science and Business Media Deutschland GmbH

T2 - 39th International Conference on Computer Safety, Reliability and Security

Y2 - 15 September 2020 through 18 September 2020

ER -

ISO/SAE DIS 21434 Automotive Cybersecurity Standard - In a Nutshell

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this