New cybersecurity standards that proposes cybersecurity measures for the development lifecycle of road vehicles has recently been released.

The SAEJ3061, “Cybersecurity Guidebook for Cyber-Physical Vehicle Systems” that was release in August 2016 by ISO has been completely reworked and superseded by a new, first edition, ISO/SAE21434, “Road vehicles – Cybersecurity engineering”. The new cybersecurity standard has jointly been developed by ISO and SAE working groups.

ISO, familiar to most, is short for the International Organization for Standardization, which is a non-governmental worldwide federation of 165 national standards bodies. ISO was officially established in February 1947 and ever since International Standards have been developed through the work of ISO technical committees.

SAE International, also familiar to most (within this community), is short for Society of Automotive Engineers and a global association and standards developing organization for engineering professionals in various industries, such as aerospace, automotive and commercial-vehicle industries. SAE was formed in the beginning of the last century from the urge of that time automobile manufacturers and parts companies to solve common technical design problems and develop engineering standards.

The new standard aims to help automotive related manufacturers of getting one step ahead as it addresses the cybersecurity perspective in engineering of electrical and electronic systems for on-road vehicles. Further, it defines vocabulary, objectives, requirements, and guidelines related to cybersecurity engineering for a common understanding and mindset throughout the entire supply chain that will also help manufacturers to keep abreast of changing technologies and cyber-attack methods. State-of-the-art technology and methods for evolving different types of attacks are also mentioned, and hopefully the standard developed will enable organizations to:

  • define cybersecurity policies and processes
  • manage cybersecurity risk, and
  • foster a cybersecurity culture and mindset.


Written by Joakim Rosell