There is a clear growing demand for increased cybersecurity in the automotive industry worldwide. The United Nations Economic Commission for Europe (UNECE) has responded by issuing a new regulation (UN Regulation No. 155) for vehicle Cyber Security Management System.
Thales, a global leader in advanced technologies within the domains of defence and security, aeronautics and space, and digital identity and security, has been successfully certified against the automotive standard ‘ISO/SAE 21434’. This follows an independent audit, demonstrating the highest level of cybersecurity expertise in the field.
The ISO/SAE 21434 certification covers risk and security assessment, threat detection, and vulnerability monitoring over the entire vehicle lifecycle. In consequence, the automotive industry is implementing a mandated cybersecurity standard (ISO/SAE 21434) that applies not only to car manufacturers, but also to all vehicle cybersecurity suppliers such as Thales.
According to the company, “Obtaining this critical certificate required by 68 countries, establishes Thales as a trusted cybersecurity provider for the automotive market.”
Cybersecurity across entire vehicle lifecycle
Car industry players must conform to stringent regulations, and Thales’ overall cybersecurity expertise helps them in monitoring and preventing cyber threats; such as hacking, data theft and software alteration.
The ISO certification ensures Thales offers solutions with the highest level of security for car makers, integrators, and by extension users, and this starting from the vehicle development. It outlines the many procedures that should be followed to secure road vehicle cybersecurity. As a result, this certification demonstrates that the complete process of developing Thales cyber solutions has been evaluated and certified. Identifying the vehicle’s cybersecurity needs, designing and implementing cybersecurity measures, and continuously monitoring and updating the cybersecurity system are all part of the proven expertise.
As per Thales, by default, its ‘security-by-design’ approach is applied to all of its onboard solutions and services designed, built, and implemented in cars. This comprises embedded secure elements, credentials management and storage, authentication systems, firmware update and much more. It establishes strict vulnerability monitoring and risk assessment for a secure future-proof maintenance.
Furthermore, this certification reinforces the trust that Thales provides in the data management throughout the connected vehicle’s lifecycle. This is crucial because car makers must provide remote application and embedded device upgrading, patching, and improvement in connected vehicles. This data protection capability protects vehicles from cyberattacks while also increasing customer trust in the over 300 million connected cars expected by 2027.
“Automotive connectivity and digitisation provide end-customers with numerous service opportunities. However, in order to benefit from these services, drivers and passengers must trust the safety, security and privacy of their vehicle,” said Christine Caviglioli, VP Automotive at Thales. “We consider the impact of ISO certification as highly positive for the market. Obtaining this certification makes us feel even more proud in a climate where cyber has become vital and indispensable. At Thales, we are all set to continue supporting our customers in the face of this new security challenge by providing certified ‘ready to use’ solutions.”
Image: Thales