VeNIT Lab and BigTRI contributed to a comprehensive report on automotive cybersecurity V&V and testing in collaboration with IAMTS and fellow partners. The report focuses on International Standards and Regulations and their applicability, regional approaches to automotive cybersecurity V&V standards and regulations, and industrial approaches to automotive cybersecurity V&V activities, including processes and tools. Standards and regulations such as UNECE R.155, ISO/SAE 21434, etc. are intensively discussed and explained.
In the survey of regional standards & regulations, we focused on regions of North America (Canada, the USA), Asia (China, Japan, Republic of Korea), and lastly Europe (Germany, France, and the UK). All the regulations and standards are explained for each region and country, along with subjects such as technical requirements, test practices, and definitions. For process and tools, we performed a qualitative survey among IAMTS members and trusted partners to comprehend the practices utilized in the industry. The tools are categorized, and explained, while the most common tools, standards, and approaches are analysed in detail.
EU is developing approaches to increase the transparency and awareness of the cybersecurity consumer including in the automotive industry. Governments and the industry are supporting cybersecurity development with standardization efforts and secure-by-design architecture. Currently guidance on testing automotive systems is limited to specific scenarios, focusing on electronic systems, and that is to change in the future. Requirements of R. 155. are being resolved, as a regulatory reform is being done for the cybersecurity of automotive products.