January 22, 2021



Security Engineering for ISO 21434. (arXiv:2012.15080v2 [cs.CR] UPDATED)

The ISO 21434 is a new standard that has been proposed to address the future
challenges of automotive cybersecurity. This white paper takes a closer look at
the ISO 21434, helping engineers to understand the ISO 21434 parts, the key
activities to be carried out and the main artefacts that shall be produced. As
with any certification, obtaining the ISO 21434 certification can be daunting at
first sight. Engineers have to deploy processes that include several security
risk assessment methods to produce security arguments and evidence supporting
item security claims. In this white paper, we propose a security engineering
approach that can ease this process by relying on Rigorous Security Assessments
and Incremental Assessment Maintenance methods supported by automation. We
demonstrate by example that the proposed approach can greatly increase the
quality of the produced artefacts and the efficiency of producing them, as well
as enable continuous security assessment. Finally, we point out some key research
directions that we are investigating to fully realize the proposed approach.