News
Thales has been successfully certified against the automotive standard ’ISO/SAE 21434’
May 2023 by Marc Jacob
There is a clear growing demand for increased cybersecurity in the automotive industry. The United Nations Economic Commission for Europe (UNECE) responded by issuing a new regulation (UN Regulation No. 155) for vehicle Cyber Security Management System. This covers risk and security assessment, threat detection, and vulnerability monitoring over the entire vehicle lifecycle. In consequence, the automotive industry is implementing a mandated cybersecurity standard (ISO/SAE 21434) that applies not only to car manufacturers, but also to all vehicle cybersecurity suppliers such as Thales. Being compliant in this highly regulated environment reinforces Thales’ leadership in automotive cybersecurity.
The ISO certification ensures Thales offers solutions with the highest level of security for car makers, integrators, and by extension users, and this starting from the vehicle development. It outlines the many procedures that should be followed to secure road vehicle cybersecurity. As a result, this certification demonstrates that the complete process of developing Thales cyber solutions has been evaluated and certified. Identifying the vehicle’s cybersecurity needs, designing and implementing cybersecurity measures, and continuously monitoring and updating the cybersecurity system are all part of the proven expertise.
By default, Thales ’security-by-design’ approach is applied to all of its onboard solutions and services designed, built, and implemented in cars. This comprises embedded secure elements, credentials management and storage, authentication systems, firmware update and much more. It establishes strict vulnerability monitoring and risk assessment for a secure future-proof maintenance.
Furthermore, this certification reinforces the trust that Thales provides in the data management throughout the connected vehicle’s lifecycle. This is crucial because car makers must provide remote application and embedded device upgrading, patching, and improvement in connected vehicles. This data protection capability protects vehicles from cyberattacks while also increasing customer trust in the +300 million connected cars expected by 20271.
