A Global Survey of Recent Trends in Automotive Cyber Security Testing

Security takes precedence in a computing continuum, and the DECICE project places a strong emphasis on security while building a device-edge-cloud collaboration platform. The requirement for security extends for the entities operating within this framework, to establish a comprehensive approach. In the context of mobility applications, automotive cybersecurity testing is pivotal, ensuring the cyber-resilience and integrity of these applications.

As a partner in the DECICE Project, BigTRI actively contributes to the C-ITS use case in collaboration with VeNIT Lab at Marmara University. This use case aims to validate and demonstrate the capabilities of the DECICE framework, in terms of enhancing solutions for smart and connected mobility. BigTRI is deeply invested in research and development within the C-ITS domain, focusing on safety and cybersecurity testing for V2X communication and autonomous driving systems, along with the development of applications that enhance road safety, traffic efficiency, and driving comfort.

Notably, a recent survey paper authored by several partners of the International Alliance for Mobility Testing and Standardization (IAMTS), including BigTRI and Marmara University, has been published in the SAE Journal of Connected and Autonomous Vehicles (SAE JCAV). Titled ‘A Global Survey of Standardization and Industry Practices of Automotive Cybersecurity Validation and Verification Testing Processes and Tools'[1], the paper addresses the UNECE Regulation 155 (UN R155) [2], which mandates the development of cybersecurity management systems (CSMS) in the automotive industry.

The study focuses on the gap in knowledge regarding validation and verification testing activities in line with UN R155 and ISO/SAE 21434:2021—Road Vehicle Cybersecurity Engineering [3]. The findings indicate a trend among national regulatory authorities to incorporate UN R155 into their vehicle regulations, with variations based on regulatory culture, and highlight the evolving testing approaches in the automotive industry, especially with regard to electrical/electronic components and emerging technologies like connected and autonomous vehicles.

The article is open access, please visit SAE Mobilus for more information and to view the article. SAE Mobilus is the online repository of technical content, including SAE standards and technical articles published by the Society of Automotive Engineers (SAE).

Author: Berkay Yaman

Reference

[1] Roberts, Andrew & Marksteiner, Stefan & Soyturk, Mujdat & Yaman, Berkay & Yang, Yi. (2023). A Global Survey of Standardization and Industry Practices of Automotive Cybersecurity Validation and Verification Testing Processes and Tools. SAE International Journal of Connected and Automated Vehicles. 7. 10.4271/12-07-02-0013.

[2] United Nations Economic Commission for Europe (UNECE) (2021), E/ECE/TRANS/505/Rev.3/Add.154, Available at: https://unece.org/transport/vehicle-regulations-wp29/standards/addenda-1958-agreement-regulations-141-160, accessed on: 12.12.2023

[3] International Organization for Standardization (ISO) & Society of Automotive Engineers (SAE), ISO/SAE 21434:2021 Road vehicles – Cybersecurity engineering, Available at: https://www.iso.org/standard/70918.html, accessed on: 12.12.2023

Links

BigTRI: https://www.bigtri.net/

SAE Mobilus: https://saemobilus.sae.org/content/12-07-02-0013/ 

Keywords

cybersecurity, iso21434, r155, mobility, V2X communication, mobility, automotive