Mona Hellstern, Stefan Langhanki, Florian Grün, Reiner Kriesten, Eric Sax
Cybersecurity Approval Criteria: Application of UN R155
SAE Technical Paper Series, volume 22 7. Journal Article, published 2024-07-02.
DOI: 10.4271/2024-01-2983 (https://doi.org/10.4271/2024-01-2983)
Abstract
The UN R155 regulation is the first automotive cybersecurity regulation and has made security a mandatory approval criterion for new vehicle types. This establishes internationally harmonized security requirements for market approval, presenting a challenge for manufacturers and suppliers to demonstrate compliance throughout the product life cycle. An issued type approval is internationally recognized by the member states of the UN 1958 Agreement. International recognition implies that uniform assessment criteria are applied to demonstrate compliance and to decide whether security efforts are sufficient. Independent accredited assessors assess the security engineering results during type approval. Considering the risk-based approach of ISO/SAE 21434 to security engineering, assessing whether threats have been appropriately addressed is a challenge. While there are currently no uniform assessment criteria at product level, the question arises as to which development artifacts serve as indicators for determining the efficacy of mitigation strategies. In response to this challenge, the paper conducts an analysis of existing security concepts of the automotive security standard ISO/SAE 21434 and the Information Technology Security Evaluation Standard ISO 15408 (Common Criteria) and therefore provides an insight into the state-of-the-art of security evaluation methods. The overall objective is to derive applicable assessment criteria and recommendations for the UN R155 approval while taking into account relevant security properties that help to decide on the sufficiency of security measures. These recommendations aim to enhance the comprehensiveness of the security assessment associated with UN R155, fostering a more uniform approach to evaluating cybersecurity in the context of vehicle type approvals.