Rules for cybersecurity are changing. We’ve seen it come about little
by little as the world we live in becomes more and more connected. At the
automotive level, the multiplication of new features increases exposure to
cyberattacks.
At other levels, the growing need for data management has opened
up new avenues for attack that have caused widespread controversy around the world.
We can see how these isolated incidents can have a significant and lasting
impact after the fact. The financial news was recently rocked by the
recommendation from Moody’s to downgrade a well-known company’s
credit rating based on a cybersecurity incident in 2017. This demonstrates the
new level of importance that cybersecurity carries and how companies are being
held to more responsible behaviour in this regard.
The automotive industry has already taken significant steps to improve and
understands that there needs to be a concerted effort to get this right
across the industry, with security that can be scaled up to protect fleets of
modern vehicles to the fullest extent. One of the early initiatives taken by
the industry to address this global threat was to establish the Auto-ISAC.
This is an industry-driven community that shares and analyzes intelligence
about emerging cybersecurity risks to vehicles. It also aims to collectively
enhance cybersecurity capabilities across the global automotive industry, in
particular by sharing best practices.
The industry is now looking to take the next step and formalize these industry
best practices in an automotive cybersecurity engineering standard, forming a
common basis from 2020 onwards. The crunch point is being able to shift
priorities to create true security-oriented cultures within companies, across
the supply chain, to ensure the development of new, more secure products and
solutions, following the principle of security-by-design.
ISO/SAE 21434
Originally, ISO tried to integrate cybersecurity into the functional safety
standard ISO 26262. Despite similarities between the two topics, it turned out
to be too complex to address all aspects adequately within one document.
Around the same time, SAE delivered J3061, a cybersecurity guidebook for
cyber-physical vehicle systems. The ISO and SAE teams later joined forces to create
a common standard named ISO/SAE 21434: road vehicles – cybersecurity
engineering. It is expected that the standard will be published at the end of
2020 and will replace SAE J3061.
This emerging standard defines a framework that:
- Ensures a consistent, well-defined and robust approach to foster a
  cybersecurity culture
- Manages cybersecurity risks across the complete vehicle lifecycle
- Allows for adaptation to a continually changing threat landscape
- Creates a cybersecurity management system.
Measures such as a security development lifecycle, risk assessment,
vulnerability handling and incident response are included in the scope of the
standard. It therefore addresses security in product engineering by design,
similar to how ISO 26262 addresses functional safety today.
The crucial piece of this standard is that it focuses on people and processes.
The third part of the security triad, technology, is primarily the
manufacturer’s responsibility and an area that should allow for
(positive) differentiation. Therefore, the standard does not describe specific
technology or solutions. It also concentrates its engineering requirements and
recommendations on new developments or modifications to existing systems or
components.
UNECE WP.29
There is also continuing alignment with the World Forum for Harmonization of
Vehicle Regulations (UNECE WP.29), which is investigating whether ISO/SAE 21434 can
be used as a baseline for the cybersecurity management system (CSMS) that
will be required as part of the new international whole vehicle type approval
(IWVTA) scheme in the future. Under that scheme, a certified CSMS becomes a
prerequisite for vehicle manufacturers and their supply chain to achieve type
approval on new vehicles.
NXP’s approach to automotive cybersecurity
Our long-term approach to security and safety has been about developing a
security-conscious culture and way of thinking within NXP. Not only do we
strive to develop safe and secure products, but we are continuously working to
make automotive security an integral part of our engineering process. This is
achieved in a number of ways, such as extensive training offerings delivered
to teams across the company, but also in engaging with our customers in a
security-conscious approach to requirements specification, systems development
and product integration.
In fact, as our customers already seek compliance with ISO/SAE 21434, we have
accelerated our preparations and how we align to the standard. We anticipate
an updated business creation and management process to be certified as
compliant in the future. For us this is a natural next step, since we are able
to leverage existing processes and know-how from our teams who have worked in
traditional security markets for many years.
Achieving this level of integration and awareness around security issues did
not develop overnight. Our holistic approach to security has matured over time
to the point we are at today. We have a strong organization with clearly
defined policies and governance to help prevent security vulnerabilities as
much as possible; and to detect, mitigate and fix remaining security
vulnerabilities professionally, together with the research community and our
partners. We also spend significant effort developing our workforce; this
helps us to continue in our endeavor to develop security-savvy employees,
without whom we cannot develop truly secure products.
As we move towards automated and connected driving, automotive cybersecurity
engineering is going to be important to manage the privacy interests of
customers and the safety of vehicles on the roads. More than this, having
clear methodological approaches for security and functional safety that
support and complement one another is vital. Overall safety efforts have
evolved over time to the point we are at today. We are on the cusp of the next
stage that finally aligns and combines the approaches to functional safety and
automotive security.