A Cyber Security Management System (CSMS) is soon going to become mandatory for all vehicles manufacturers and suppliers.
In the automotive industry, we are currently seeing that Cyber Security is already a critical success factor. Starting with July 2024, the type approval of vehicles will only be possible if a certified CSMS is available and Cyber Security is ensured throughout the entire life cycle of the vehicle.
UNECE WP.29, an upcoming UN regulation on Cyber Security and the ISO/SAE 21434 standard are expected to make this mandatory from mid 2024.
But what is a Cyber Security Management System ?
We have a bit of an idea from WP.29:
The vehicle manufacturer shall demonstrate to an Approval Authority or Technical Service that their Cyber Security Management System applies to the following phases:
– Development phase;
– Production phase;
– Post-production phase.
There are some phases missing here, right?
What about:
- Design
- Architecture
- Change Management
- Updates
More details in the next post.