ISO/SAE 21434 requires security and response management and is divided into the following clauses:
Clause 5. Organizational Cybersecurity Management
From the organizational perspective, enabling cybersecurity engineering requires instituting, instilling and maintaining cybersecurity governance and a cybersecurity culture, including awareness management, competence management and continuous improvement.
Clause 6. Project-Dependent Cybersecurity Management
This clause describes the requirements for managing cybersecurity activities during the development of a specific project.
Clause 7. Distributed Cybersecurity Activities
Only applicable if responsibilities for cybersecurity activities for an item or component are distributed. This clause describes management of distributed cybersecurity activities and applies to:
- Items and components developed in a distributed activity;
- Interactions between a customer and a supplier;
- All phases where an agreement is applicable to the customer/supplier interface.
Clause 8. Continual Cybersecurity Activities
Cybersecurity activities are not limited to one part of the development process; they are performed throughout the entire lifecycle and may also be carried out outside of a specific project:
- Cybersecurity monitoring;
- Cybersecurity event evaluation;
- Vulnerability analysis;
- Vulnerability management.
Clause 9. Concept Phase
Vehicle-level functionality, as implemented in items, should be well understood and is considered in this clause. For this purpose, cybersecurity goals are specified and cybersecurity risks are assessed using the methods specified in Clause 15. Furthermore, cybersecurity claims are formulated and used to explain why risk retention or sharing is considered adequate.
Clauses 10–11. Product Development
These clauses define the cybersecurity specification, including architectural design, implementation, verification of cybersecurity requirements and cybersecurity validation of an item at the vehicle level.
Clauses 12–14. Post-Development Phase
These clauses ensure that a product complies with cybersecurity-related aspects from the manufacturing and assembly perspective. Capabilities to react properly to cybersecurity incidents that occur are established, including maintenance and updating of the items and components.
As a final aspect, requirements for decommissioning shall be considered, especially in the context of data protection.
Clause 15. Threat Analysis and Risk Assessment
This clause describes modular methods for analysis and assessment that determine the extent of a cybersecurity risk so that it can be mitigated or eliminated.
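A worked illustration of the Clause 15 risk determination referenced above and in Clause 9, added here as example code that is not part of the standard or the original text: attack-potential parameters are summed into an attack feasibility rating, the highest impact category gives the impact rating, a risk matrix yields the risk value, and the value maps to a treatment decision (reduce, share or retain). All point values, thresholds, matrix cells and treatment cut-offs are assumed for illustration, modelled on the standard's informative annexes, and must be replaced by the values agreed in your own TARA method.

```python
"""Illustrative ISO/SAE 21434 Clause 15 risk determination (added example).

All parameter points, thresholds, matrix cells and treatment cut-offs below
are ASSUMED for illustration; they are not the standard's normative text.
"""

# Attack-potential parameters: points per level (assumed values).
ATTACK_POTENTIAL = {
    "elapsed_time": {"<=1 day": 0, "<=1 week": 1, "<=1 month": 4,
                     "<=6 months": 17, ">6 months": 19},
    "expertise":    {"layman": 0, "proficient": 3, "expert": 6, "multiple experts": 8},
    "knowledge":    {"public": 0, "restricted": 3, "confidential": 7,
                     "strictly confidential": 11},
    "window":       {"unlimited": 0, "easy": 1, "moderate": 4, "difficult": 10},
    "equipment":    {"standard": 0, "specialized": 4, "bespoke": 7, "multiple bespoke": 9},
}
IMPACT = ["negligible", "moderate", "major", "severe"]        # ascending severity
FEASIBILITY = ["very low", "low", "medium", "high"]           # ascending feasibility
# Risk matrix (assumed): row = impact rating, column index = FEASIBILITY position.
RISK_MATRIX = {"severe": [2, 3, 4, 5], "major": [1, 2, 3, 4],
               "moderate": [1, 2, 2, 3], "negligible": [1, 1, 1, 1]}


def attack_feasibility(**levels: str) -> str:
    """Sum the five attack-potential parameters; higher effort = lower feasibility."""
    total = sum(ATTACK_POTENTIAL[p][levels[p]] for p in ATTACK_POTENTIAL)
    if total <= 13:
        return "high"
    if total <= 19:
        return "medium"
    if total <= 24:
        return "low"
    return "very low"


def impact_rating(**categories: str) -> str:
    """Overall impact is the worst rating across safety/financial/operational/privacy."""
    return max(categories.values(), key=IMPACT.index)


def risk_value(impact: str, feasibility: str) -> int:
    return RISK_MATRIX[impact][FEASIBILITY.index(feasibility)]


def treatment(risk: int) -> str:
    """Risk value -> treatment option (cut-offs assumed); claims justify share/retain."""
    if risk >= 4:
        return "reduce"
    return "share or retain" if risk >= 2 else "retain"


def assess(threat: str, impact_levels: dict, attack_levels: dict) -> dict:
    """Full Clause 15 chain for one threat scenario; returns the record to document."""
    feas, imp = attack_feasibility(**attack_levels), impact_rating(**impact_levels)
    value = risk_value(imp, feas)
    return {"threat": threat, "impact": imp, "feasibility": feas,
            "risk": value, "treatment": treatment(value)}
```

The returned record is the set of values a TARA work product needs to document per threat scenario; a risk value that maps to "share or retain" is where the Clause 9 cybersecurity claim is written.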
AUTOSAR requirements for cybersecurity
In the automotive world, standardization is key.
As cybersecurity-related activities in the automotive industry evolved, so did the Automotive Open System Architecture (AUTOSAR), aiming to satisfy the most pressing cybersecurity requirements. The Secure Boot mechanism and Secure On-Board Communication mitigate the physical aspect of an attack. However, being permanently connected to external networks through vehicle-to-cloud (V2X) or vehicle-to-vehicle (V2V) communication opens new attack channels that must be considered during automotive software development.
As a foundation for the new cybersecurity mechanisms, AUTOSAR reuses existing cryptographic mechanisms grouped in what engineers typically call the AUTOSAR Crypto Stack. The well-known crypto modules are split across the abstraction layers so that applications are independent of where a cryptographic primitive is realized: in an internal or external hardware accelerator, or in a software-based implementation.
This is realized by the Electronic Control Unit (ECU) Abstraction Layer, which provides the same mechanisms for accessing internal or external cryptographic devices or a software implementation of the primitives.
The Service Layer, on the other hand, adds a new module, the Intrusion Detection System Manager (IDSM), alongside the Crypto Service Manager, which is responsible for managing cryptographic jobs, and the Key Manager, which interacts with the key provisioning master (either in NVM or in the Crypto Driver) and manages the storage and verification of certificate chains.