The ISO 21434 is a new standard that has been proposed to address the future challenges of automotive cybersecurity. This white paper takes a closer look at the ISO 21434 helping engineers to understand the ISO 21434 parts, the key activities to be carried out and the main artefacts that shall be produced. As any certification, obtaining the ISO 21434 certification can be daunting at first sight. Engineers have to deploy processes that include several security risk assessment methods to produce security arguments and evidence supporting item security claims. In this white paper, we propose a security engineering approach that can ease this process by relying on Rigorous Security Assessments and Incremental Assessment Maintenance methods supported by automation. We demonstrate by example that the proposed approach can greatly increase the quality of the produced artefacts, the efficiency to produce them, as well as enable continuous security assessment. Finally, we point out some key research directions that we are investigating to fully realize the proposed approach.
翻译:ISO 21434是为解决未来汽车网络安全挑战而提议的新标准,白皮书更仔细地审视ISO 21434帮助工程师理解ISO 21434部件、将要开展的关键活动和将生产的主要文物,因为任何认证,获得ISO 21434认证都可能一目了然。工程师必须部署包含若干安全风险评估方法的流程,以提出安全证据和证据支持项目安全索赔。在本白皮书中,我们提议采用安全工程方法,依靠自动化支持的严格安全评估和增量评估维护方法,可以方便这一进程。我们举例表明,拟议方法可以大大提高所生产文物的质量、生产效率以及持续的安全评估。最后,我们指出我们正在调查的一些关键研究方向,以充分实现拟议方法。
相关内容
微信扫码咨询专知VIP会员