Primary standards
Three binding standards govern the cybersecurity aspects of how vehicles and their supporting systems are developed, produced, and maintained. Non-compliance with those standards can lead to legal and financial implications for OEMs and suppliers, so let’s take a deeper look.
UNECE WP.29
Different government and international bodies have mandated cybersecurity standards and regulations that govern OEMs within their geographic region. The United Nations Economic Commission for Europe (UNECE) World Forum for Harmonization of Vehicle Regulations (WP.29) has defined two such regulations that apply to members of the UNECE region [17]. The first regulation concerns the mandate for automotive manufacturers to implement a Cybersecurity Management System (CSMS) [3], while the second concerns the regulation for establishing a Software Update Management System (SUMS) [6]. These regulations cover four distinctareas, which include managing the vehicle cybersecurity...
