Automotive Cybersecurity | DEKRA
Automotive Cybersecurity

Providing 360° cybersecurity services for vehicles in line with industry standards and regulations

Automotive Cybersecurity

The connectivity of current and future vehicles can pose a potential threat. Cyber hackers could use them to manipulate vehicles and endanger the safety of road users. Therefore, vehicles need to be protected from cyberattacks.

New vehicle approval regulations such as UNECE R155 for cybersecurity and R156 for software updates and related new standards must be complied with during vehicle development, production, and operational phase. Essentially, it is about systematically identifying and managing - i.e. reducing - cyber risks. To do this, process management systems must be implemented in the organization, as well as corresponding technologies in the vehicle.
To help our customers meet these new challenges, DEKRA offers a portfolio of cybersecurity and software upload services. The spectrum includes training, evaluation expertise, organisational auditing, product assessment and corresponding certifications.
In recent years, the ISO has published standards for automotive cybersecurity engineering (ISO/SAE 21434) and automotive software upload (ISO 24089) to provide common understanding and aspects of automotive cyber security in terms of processes, requirements and guidelines.
Requirements for Vehicle Manufacturers and Suppliers
The OEM is responsible
The whole cyber security process is in the hands of the manufacturer and must be maintained throughout the entire vehicle’s lifecycle.
Indirect obligations of suppliers
Requirements for risks, mitigations, testing and support will be cascaded down to the supply chain.
Testing critical components
Security testing of critical components is vital for ensuring the overall security of the vehicle system.
The R155 specifies the organizational cybersecurity activities (the CSMS) of an OEM as well as a CS-type approval. A certified CSMS is a precondition for a type approval in which the CS protection of a vehicle E/E architecture is verified.
The R156 specifies the organizational software upload activities (the SUMS) of an OEM as well as a SU-type approval. A certified SUMS is a precondition for a type approval in which the SU capabilities of a vehicle E/E architecture are verified.
DEKRA’s automotive cybersecurity services ensure that your automotive systems are protected from cyber threats. Our services include:
Automotive Cybersecurity Services
ISO/SAE 21434 and ISO 24089
DEKRA offers evaluation expertise and compliance audits to help you ensuring compliance with
ISO/SAE 21434 and ISO 24089 standards. Additionally, DEKRA conducts project/product cybersecurity assessments according to ISO/SAE 21434.
UNECE R155/R156
Cybersecurity V&V
Trainings

You have to look at cybersecurity comprehensively - especially in the automotive industry.

Thomas Thurner, Head of Automotive Cybersecurity Services
Stay ahead of the curve and protect your automotive systems from cybersecurity threats with our specialized services.