Thales has been successfully certified against the automotive standard ‘ISO/SAE 21434’ following an independent audit.
There is a clear growing demand for increased cybersecurity in the automotive industry. The United Nations Economic Commission for Europe (UNECE) responded by issuing a new regulation (UN Regulation No. 155) for vehicle Cyber Security Management System. This covers risk and security assessment, threat detection, and vulnerability monitoring over the entire vehicle lifecycle. In consequence, the automotive industry is implementing a mandated cybersecurity standard (ISO/SAE 21434) that applies not only to car manufacturers, but also to all vehicle cybersecurity suppliers such as Thales. Being compliant in this highly regulated environment reinforces Thales’ leadership in automotive cybersecurity.
The ISO certification ensures Thales offers products with the highest level of security for car makers, integrators, and by extension users, and this starting from the vehicle development. It outlines the many procedures that should be followed to secure road vehicle cybersecurity. As a result, this certification demonstrates that the complete process of developing Thales cyber solutions has been evaluated and certified. Identifying the vehicle’s cybersecurity needs, designing and implementing cybersecurity measures, and continuously monitoring and updating the cybersecurity system are all part of the proven expertise.
By default, Thales’ ‘security-by-design’ approach is applied to all of its onboard solutions and services designed, built, and implemented in cars. This comprises embedded secure elements, credentials management and storage, authentication systems, firmware update and much more. It establishes strict vulnerability monitoring and risk assessment for a secure future-proof maintenance.
Furthermore, this certification reinforces the trust that Thales provides in the data management throughout the connected vehicle’s lifecycle. This is crucial because car makers must provide remote application and embedded device upgrading, patching, and improvement in connected vehicles. This data protection capability protects vehicles from cyberattacks while also increasing customer trust in the +300 million connected cars expected by 20271.
“Automotive connectivity and digitisation provide end-customers with numerous service opportunities. However, in order to benefit from these services, drivers and passengers must trust the safety, security and privacy of their vehicle,” said Christine Caviglioli, VP Automotive at Thales. “We consider the impact of ISO certification as highly positive for the market. Obtaining this certification makes us feel even more proud in a climate where cyber has become vital and indisputable. At Thales, we are all set to continue supporting our customers in the face of this new security challenge by providing certified ‘ready to use’ solutions.”