Your browser is outdated

The internet explorer is no longer supported. Please switch browsers for better website experience.

Automotive Cybersecurity Keyvisual

Automotive Cybersecurity

Providing 360° cyber security services for vehicles in line with recent industry standards and regulations.

Automotive Cybersecurity

The connectivity of current and future vehicles can pose a potential threat. Cyber hackers could use them to manipulate vehicles and endanger the safety of road users. Therefore, vehicles need to be protected from cyberattacks.

New vehicle approval regulations such as UNECE R155 for cybersecurity and R156 for software updates and related new standards must be complied with during vehicle development and during the operational phase. Essentially, it is about systematically identifying and managing - i.e. reducing - cyber risks. To do this, process management systems must be implemented in the organization, as well as corresponding technologies in the vehicle.

To help our customers meet these new challenges, DEKRA offers a portfolio of cybersecurity and software upload services. The spectrum includes training, consulting, organisational auditing, product assessment and corresponding certifications.

  • 30+ years of industry knowledge

  • DEKRA quality in vehicle testing and homologation

  • Network of DEKRA experts worldwide

  • Audit and Certification expertise

The ISO has released a draft version of an automotive cyber security engineering standard (ISO DIS 21434) and has announced to release a new standard for automotive software upload (ISO DIS 24089) to provide common understanding and aspects of automotive cyber security in terms of Processes, Requirements and Guidelines.

Those affected by the ISO 21434 standard are:

  • Vehicle manufacturers

  • Suppliers of software-based components/systems

  • Engineering service providers

  • Software- and ICT-infrastructure service providers

  • For software upload, compliance to ISO 21434 is a main requirement along the complete vehicle development and lifecycle supply chain.

Requirements for Vehicle Manufacturers and Suppliers

Icon Car

The OEM is responsible

The whole cyber security process is in the hands of the manufacturer and must be maintained throughout the entire vehicle’s lifecycle.

Icon Chip

Indirect obligations of suppliers

Requirements for risks, mitigations, testing and support will be cascaded down to the supply chain.

Icon Process

Testing critical components

Security testing of critical components is vital for ensuring the overall security of the vehicle system.

ACS Graphic

The R155 regulation specifies the requirements for the type approval of vehicles with regard to their cybersecurity. It refers to the specific requirements for the security inspection and approval of vehicles and components that must be operated in a secure condition to ensure that they do not pose a threat to road safety.

The R156 regulation defines the requirements for the technical approval of cybersecurity management systems (CSMS) and safety surveillance systems (SUMS) for vehicles developed in accordance with the R155 regulation.

DEKRA Automotive Cybersecurity Services ensures that your automotive systems are protected from cyber threats. Our services include:

Automotive Cybersecurity Services

DEKRA offers evaluation and expertise services to help you ensure compliance with ISO/SAE 21434 and ISO/DIS 24089 standards. Our services include gap analysis, readiness checks, compliance audits, and project/product cybersecurity assessments (ISO/SAE 21434 only).

DEKRA’s evaluation and expertise services also cover R155/R156 standards and provide CSMS/SUMS readiness checks, audits, certifications, and type approval services.

The DEKRA team of experts conducts PEN-testing, vulnerability scans and fuzz testing to ensure that your systems are secure against cyber-attacks.

DEKRA also offers a range of training services to educate your team on cybersecurity engineering according to ISO 21434, extended TARA, secure software development, secure vehicle/system architectures, the basics of cybersecurity, and cybersecurity awareness (including daily work and email phishing).

„You have to look at cybersecurity holistically - especially in the automotive industry.“

Thomas Thurner, Head of Cybersecurity

Stay ahead of the curve and protect your automotive systems from cybersecurity threats with our specialized services.

Share page