Embitel

Search
Close this search box.

ISO 21434 Compliant Automotive Cybersecurity Development: Ensuring Secure-By-Design

Automotive Cybersecurity as per ISO 21434: Solutions and Services

Securing a vehicle connected to multiple data sources over different networks is a technology intensive task. And a very crucial one at that! Each connected module in a vehicle is a potential entry point for cyber-attacks.

We at Embitel, have delivered multiple automotive projects with cybersecurity at their core. So, we know where to put the plug! Automotive cybersecurity is all-pervasive, hardware, software, network, and cloud; we help you secure each one of them.

Solutions and Services for Automotive Cybersecurity

Embitel provides a full range of automotive cyber security services, covering all stages from development and production to post-production.

cybersecurity
Polygon-1
Cybersecurity Consulting

Our cybersecurity consulting services involve comprehensive vulnerability analysis and recommendations for implementing robust security measures.

From the initial cybersecurity plan through the concept phase, we work closely with our clients to embed security into the very fabric of automotive solutions.

AEM Managed Services

AEM Managed Services

Our AEM development team works closely with your teams to provide SLA-based managed services for AEM deployment, both on-premises and on the cloud. Our series of Adobe Managed Services comprises of automated backups, health checks, disaster recovery, application maintenance and monitoring security. We help you leverage end-to-end AEM capabilities and increase the responsiveness of your platform.

Threat Analysis and Risk Assessment (TARA)

TARA services focus on systematically identifying and evaluating potential cyber threats to automotive systems.

In our approach to TARA, we emphasize the early integration of risk assessment into the automotive development process.

Polygon-2-1
development of secure
Polygon 3
ISO 21434 compliant solutions development

As early adopters of ISO 21434 standard, our automotive cybersecurity team is equipped with the right skill-set and tool knowledge to provide ISO 21434 compliant automotive solutions development services.

ISO 21434 compliant software development begins with cybersecurity concept to secure design and security-aware software construction.

AEM Cloud Services With AEM as a cloud service you get to enjoy the full capabilities of AEM tools and platforms in cloud-native environs. AEM as a cloud service gives unprecedented scalability and efficiency in performance. Our specialist team will guide you in delivering exceptional customer experiences through built-in AEM extensions.
AEM Cloud Services
Polygon-2-1
transport layer
Polygon-1
ISO 21434 compliant testing services

Our dedicated testing team offers comprehensive ISO 21434 compliant testing services, where we rigorously evaluate automotive systems and components for cybersecurity compliance.

Our testing services include support for penetration testing, fuzz testing and ISO 21434 mandated V&V methods.

AEM Cloud Services

AEM Cloud Services

With AEM as a cloud service you get to enjoy the full capabilities of AEM tools and platforms in cloud-native environs. AEM as a cloud service gives unprecedented scalability and efficiency in performance. Our specialist team will guide you in delivering exceptional customer experiences through built-in AEM extensions.

Customer Success Story: Flash Secure Bootloader Development

Image 1

Business Challenge:

  • Authenticity and integrity of the data to be flashed on automotive ECUs must be ensured to avoid mishaps.

  • Solutions like ADAS, Telematics, Body Control Modules, etc. require secure Bootloaders equipped with features such as Digital Signature, Encryption, HMS and others.

Embitel’s Solution:

  • We have developed secure Bootloader solutions for our customers based on their specific security requirements. Our bootloader solution comprises security features including AES-128, Digital Signature, CRC32, HMS Drivers, Secondary Bootloader (SBL). These components ensure that the inter-ECU data transmission is secure and data integrity is not compromised.

  • AES 128 algorithm has been used for encryption/decryption of the image file. Data is secured using the AES 128 algorithm before sending it to the ECU from the flashing device.
Read More…

Understanding Automotive Cybersecurity Use-cases

Why Partner with Us

Dedicated Team

A dedicated team of cybersecurity experts manages the project and closely monitors each activity

End to End Cybersecurity

Our automotive cybersecurity approach is designed to cater end-to-end cybersecurity requirements- from gap analysis to compliance

Successful Deliveries

We have delivered secure bootloader solutions, software stacks implemented with Transport Layer Security (TLS) module and state-of-the-art security algorithms

Industry Experience

What does ISO 21434 standard entail?

ISO/SAE 21434 is a comprehensive standard that outlines the requirements for cybersecurity risk management in the design and production of automotive systems. This standard is essential for OEMs and Tier-1 suppliers as it guides the integration of cybersecurity measures across the vehicle's lifecycle.

It emphasizes the development of a robust cybersecurity management system, systematic risk assessment through TARA, and integrating security into the product development lifecycle.

The standard also focuses on efficient incident response, industry collaboration for knowledge sharing, and stringent documentation practices. Essentially, it ensures that automotive products are secure and compliant in an era of increasing cyber threats.

How does Embitel support for ISO 21434

  • Embitel can assist in conducting thorough risk assessments (TARA) to identify potential cybersecurity threats and develop effective mitigation strategies.
  • We provide support for aligning with ISO/SAE 21434 standards for cybersecurity management.
  • We can help establish Cybersecurity Management Systems for managing risks throughout the product lifecycle.
  • Our teams offer support in creating secure automotive software from design to production.
  • We offer extensive testing services including fuzz testing and penetration testing as per ISO 21434 standard.

Automotive Cybersecurity Lifecycle as per ISO 21434 Standard

  • Cybersecurity Item Definition: We will assist you in clearly defining the cybersecurity items, ensuring a solid foundation for building ISO 21434 compliant automotive solutions.
  • Threat & Risk Analysis / Risk Treatment: Expertise in conducting thorough threat and risk analyses (TARA), followed by effective risk treatment strategies, crucial for achieving ISO 21434 compliance.
  • Cybersecurity Concept: Embitel's approach in developing comprehensive cybersecurity concepts can guide you in establishing robust security frameworks aligned with ISO 21434 standards.
  • Technical Cybersecurity Concept: By developing technical cybersecurity concepts, we will support in detailed planning of security measures.
  • Secure Design: We integrate cybersecurity considerations into the core of automotive product design, in line with ISO 21434 requirements.
  • Source Code Analysis: With services in source code analysis focused on cybersecurity, we can help identify and mitigate potential security vulnerabilities early in the development process, essential for ISO 21434 compliance.
  • Design Verification as per ISO 21434: Embitel offers design verification services that align with ISO 21434, ensuring that the cybersecurity design meets all required standards and specifications.
  • Concept Verification: Through concept verification, we help validate that the cybersecurity concepts are effectively addressing the identified risks and are in compliance with ISO 21434.
  • Acceptance Testing: Our acceptance testing services ensure that the final automotive products meet all cybersecurity requirements as per ISO 21434, ready for market release.
  • Cybersecurity Case Report: We aid in the preparation of cybersecurity case reports, documenting the cybersecurity measures and their effectiveness, a key component for demonstrating ISO 21434 compliance.
lifecycle

Automotive Cybersecurity Applications

Frequently Asked Questions on Automotive Cybersecurity

Do you follow the latest ISO 21434 standard for automotive cybersecurity?

Ans: ISO 21434 standard has recently been published. However, our cybersecurity team has been closely following the various stages that the standard has gone through. Hence, we have a fair understanding of the standard.

We have been delivering cybersecurity related projects before the release of ISO 21434 standard, primarily based on its draft version. Since, the standard is now published, we follow the automotive cybersecurity guidelines as prescribed in the standard for all cybersecurity related projects.

Can your cybersecurity team transform an existing product to cybersecurity compliant solution?

Ans: Yes, we can make your existing automotive solution compliant to automotive cybersecurity. The process requires gap analysis and an assessment of existing cybersecurity measures. After the gap analysis, we will lay down the requirements and make changes in the solution. The changes might affect the entire system architecture, introduce new validation and verification methods and more depending on various factors.

How do you ensure remote vehicle diagnostics securely?

Ans: Diagnosing a vehicle remotely has emerged as a convenient for the customer as well as the service center. But it also opens up a potential threat of unauthorized access to the vehicle function. We have a ready-to-deploy DoIP protocol software that enables remote ECU diagnostics. It is made secure by the Transport Layer Security module (TLS module) among other features such as Secure Socket Layer (SSL) and IP security.

What are the security features in your FOTA solution?

Ans: We have delivered FOTA solution to our customers with security features as required by the projects’ specifications.

Let’s look at all security features implemented:

  • Code signing to ensure trustworthiness (data integrity & source authentication) of the firmware image to be updated.
  • Integration of Wi-Fi/Bluetooth/GPRS/GSM modules for secure communication between the FOTA server and the target devices.
  • Integration of the firmware with IoT protocols such as MQTT, CoAP; HTTPS & SSL for secure data exchange
  • We have chosen specific encryption methods to check the sanity of the update package
What are the security features in your secure Bootloader module?

Ans: We equip our Secure Bootloader solution with AES-128, CRC32, HMS Drivers, Digital Signature and Secondary Bootloader (SBL) features. These components make sure that that the data transmission between ECUs is completely secure.

A snapshot of our Flash Bootloader’s security features:

  • Cybersecurity is implemented as per the project’s requirement and in case of an ISO 26262 compliant project, the ASIL grade assigned to the solution.
  • Secondary Bootloader also helps in securing Bootloader software. follows the following sequence:
  • Our secure Bootloader solution uses SHA 256 Algorithm for Digital. ECU validates this digital signature before downloading the image file for ECU flashing.
  • Data Integrity is validated using CRC32, an error detecting code part of the platform software of the Bootloader solution.
  • Few microcontrollers come with built-in HSM module that implements security for the Bootloader. We develop the HSM device driver for the Bootloader Software to access the HSM module of the microcontroller.

How is cybersecurity relevant to the automotive industry?
Ans-
  • With the connected cars and SDV approaches, the software composition in the vehicle is ever increasing. An automotive vehicle is technically now a software on wheels with an increased vulnerability to cyber threats.
  • Hence many countries around the world have adopted/ planning to adopt UNECE WP.29 regulations which requires automotive manufacturers to provide proof of cybersecurity measures for vehicle type approval.
  • The Automotive-SPICE 4.0 also has now incorporated cybersecurity process group setting the expectations on the industry, especially for the automotive suppliers involved in product development.
How are safety and security connected?
Ans- Automotive industry has adopted ISO26262 as a de-facto standard for making the vehicles safe. This standard has already been practiced in the industry by both OEM and suppliers for vehicle homologation and component development. ISO26262 addresses to limit or eliminate the unintended system behavior that can lead to safety issues. However, this does not address the intentional manipulation of the system by an external entity that could potentially compromise the safety of vehicle, its users and the road occupiers. Hence the security and safety go hand in hand in the modern connected vehicles. ISO 21434 is the standard that guides automotive cybersecurity.

Automotive Cybersecurity Blogs, Webinars and More

Modern connected vehicles need to be as secure as they are safe. In many aspects, security will be directly responsible for safety of the vehicle. Hence, there is a need for cybersecurity and functional safety to work in tandem.

As cars transform into complex software system with numerous connected ECUs, they become more vulnerable to cyber-attacks. This necessitates a shift in vehicle architecture towards a secure-by-design approach.

What are the cybersecurity risks associated with charging system for electric vehicles? Are there enough preventive measures in place to mitigate these risks?

As vehicles transform into highly connected, software-driven machines, protecting them from cyber threats has become paramount.

Knowledge Bytes: Insights on Automotive Cybersecurity

Automotive cybersecurity is all about protecting the vehicle electronic components from unauthorized access and control. Growing degree of connectivity in vehicles creates avenues for amazing features. However, connectivity to external entities also makes the systems vulnerable to cyber-attacks. Automotive cybersecurity is a set of measures that can identify and thwart such attacks and keep the vehicle occupants safe.

Cybersecurity for road vehicles has been standardized in ISO 21434 standard. This standard defines the engineering requirements for managing the risks associated with cybersecurity. Right from the concept phase to component decommissioning, the standard has a framework for cybersecurity processes.

Automotive cybersecurity makes sure that the data transmitted to and from the vehicle ECU is delivered unchanged and to the intended party. To achieve this, three important aspects are controlled- Authenticity, Integrity, and Confidentiality.

Authenticity of the data implies that the data has been exchanged in a trustworthy manner and has been delivered to the intended receiver.

Integrity of the data means that the data has not been tampered with and the content is delivered unchanged and complete.

Confidentiality entails that there is encryption algorithm securing the data and to prevent it from being accessed and read by unauthorized recipient.

Scroll to Top