Compliance with UN-R155 Cybersecurity Regulations and ISO/SAE 21434
Various products that are widespread in the world are equipped with wireless communication functions, allowing them to communicate with each other. By enabling communication in automobiles, it has become possible to implement autonomous driving and perform operations and maintenance from remote locations. As cars communicate, the need for hacking countermeasures for automobiles has also arisen. Efforts are underway not only in development but also in standards and legal frameworks for automotive hacking countermeasures. Vitz has been engaged in automotive cybersecurity for a long time, accumulating know-how in development, vulnerability information collection, and compliance with standards. We provide support for automotive cybersecurity measures through the following services: - Security seminars for the automotive industry - Provision of explanatory documents - SIRT (Security Incident Response Team) services - Support for the implementation of security processes - Assistance in threat analysis/vulnerability analysis
Inquire About This Product
basic information
On June 25, 2020, the "World Forum for Harmonization of Vehicle Regulations (WP29)," a subsidiary body of the United Nations Economic Commission for Europe, adopted guidelines mandating cybersecurity measures. Vehicles that do not comply with the UN-R155 cybersecurity regulations may be unable to be sold in many countries, including Europe and Japan (excluding the United States and China). The key points of the requirements are as follows: 1. Authorities (*) will conduct a preliminary review to confirm that manufacturers (OEMs) have established a Cybersecurity Management System (CSMS) and will issue a compliance certificate. 2. Authorities (*) will review whether the vehicle type meets cybersecurity requirements and will issue type approval. (*) In Japan, the authority = Ministry of Land, Infrastructure, Transport and Tourism. To obtain the compliance certificate for the CSMS, which is the first key point, it is necessary to establish organizations, rules, and processes in accordance with the international standard ISO/SAE 21434 and to explain their validity to a third party. It is required that suppliers demonstrate the establishment of a CSMS, and audits must be conducted by the OEMs supplying parts, necessitating a collective effort towards cybersecurity across the entire automotive industry.
Price range
Delivery Time
Applications/Examples of results
Please feel free to contact us.
Detailed information
-
- Security Seminar for the Automotive Industry Starting in January 2021, the enforcement of UN-R155 Cybersecurity regulations began, requiring companies involved in automotive development to establish a Cyber Security Management System (CSMS) in compliance with ISO/SAE 21434. Section "5.4.2. Cybersecurity Culture" of ISO/SAE 21434 mandates that personnel involved in cybersecurity possess the necessary skills related to cybersecurity. To meet this requirement, we are conducting cybersecurity education in a seminar format.
-
- Provision of explanatory documents We provide explanatory documents that summarize the information necessary to understand the requirements of UN-R155 Cybersecurity Regulations and ISO/SAE 21434, including the content of related documents. Additionally, we offer various documents (such as processes and procedures) that are necessary to fulfill the requirements of UN-R155 regulations and ISO standards.
-
- SIRT (Security Incident Response Team) Service ISO/SAE 21434 defines the requirements for product production and operation in the market after product development is completed. Among these, the requirements for SIRT (Security Incident Response Team) activities are particularly important. ISO/SAE 21434 outlines the requirements for collecting vulnerability information through field monitoring, addressing discovered vulnerability information (triage), and incident response when actual hacking occurs against the company's products. There have been numerous reports of hacking incidents involving automobiles, starting with the remote hacking of a Jeep Cherokee (2015). It is crucial to establish an incident response process in preparation for such situations. Vitz utilizes human resources from Okinawa to gather threat/vulnerability information from around the world. From the collected threat/vulnerability information, we extract relevant data pertaining to our products (developed items) and report specific attack methods and adverse effects.
catalog(2)
Download All Catalogs
Company information
We, Vitz, were established in 1997 and have gained the trust of our customers. In 2004, we successfully developed the automotive international standard specification RTOS (Real-Time Operating System), which served as an opportunity for us to be recognized for our advanced technology related to automobiles. Furthermore, in 2010, we became the first in Japan to obtain the functional safety standard "IEC 61508 SIL3 Software Development Process Certification." In 2012, we were the first in the world to obtain the automotive functional safety standard "ISO 26262 ASIL D Software Development Process Certification." This recognition affirmed our capability to develop safe software. In July 2020, we transitioned to the First Section of the Tokyo Stock Exchange. Vitz conducts research and development through collaboration between industry, government, and academia, bringing next-generation technologies to practical use. Our core technologies can be applied not only in automobiles but also in industrial machinery, digital home appliances, medical fields, and railways. Creating Life of Your Dreams ~Enriching people's lives with technology a step ahead~ With this aspiration in mind, we will contribute to the creation of a richer and better future society through our technology.