Automotive Cybersecurity - Making Sense of a Complex Landscape

by Martin Hettwer published on April 29, 2021

Automotive Cybersecurity. If you are confused, you are not alone. First, you have ISO 27001 the information security management system standard for organizational and infrastructure Cybersecurity and an Automotive version of it called TISAX or a Trusted Information Security Assessment Exchange. Simply said if you don’t have TISAX Certification, you may not be able to communicate within the Automotive supply chain. TISAX is a German OEM requirement being contemplated by the US OEMs. Next, we have automotive product Cybersecurity, and a soon-to-be-released ISO standard called ISO 21434. At the same time, the UN got involved and countries are looking into WP.29, a regulatory requirement in Europe, to also be implemented in the US, Japan, and China. Both ISO 21434 and ISO 27001 are complementary solutions to the UNECE Cybersecurity regulation. Simultaneously the VDA created two standards for UN WP.29 and ISO 21434. The one for WP.29 is called ACMS (Automotive Cybersecurity Management System) and another for project-related implantation of ISO 21434, called “ASPICE for Cybersecurity."

Watch this webinar recording to decipher the confusing area of standards, requirements, and regulations.