Cybersecurity Risks In Automotive Electronics
By: Sergio Marchese
The ISO/SAE 21434 draft standard includes the notions of risk value and cybersecurity assurance level. What’s the difference? Are they equally important?
The upcoming ISO/SAE 21434 international standard is dedicated to the cybersecurity of electrical and electronic (E/E) systems in road vehicles. Besides reducing the risk of holiday disruptions, the standard will dramatically improve the privacy of car owners and help protect the intellectual property (IP) and other assets of car producers and their supply chain. As there is no safety without security, a successful car hack could put many lives in danger. That is why ISO/SAE 21434 references and complements the ISO 26262 automotive functional safety standard. As may be expected, threat scenarios that could lead to high-severity consequences deserve more attention and may require the specification and implementation of controls for risk reduction.
While cybersecurity assurance levels (CALs) and risk values may sound similar, they are, in fact, quite different. CALs are described in an annex of the standard, which is an informative (as opposed to normative) section. This could change in the first release of the standard. Apparently, CALs are a controversial topic within the committee developing the standard and the subject of an ongoing debate. The concept of risk value and its determination, on the other hand, is part of the ISO/SAE 21434 requirements. Moreover, while CALs are, at least in an ideal case, constant, risk values may change during the product lifecycle. A risk value that is deemed too high may trigger the implementation of additional controls until it is reduced to an acceptable level. Conversely, a new vulnerability discovered during product operation could increase the risk value.