Automotive Cyber Security

Providing 360° cyber security services for vehicles in line with recent industry standards and regulations.

Find out more

30+ years of industry knowledge
DEKRA quality in vehicle testing and homologation
Network of DEKRA experts worldwide
Audit and Certification expertise

ISO 21434:
Automotive Cyber Security Engineering

Concept phase

Definition of

E/E Architecture
Cyber Security
- Goals
- Concept

Product development phase

Product development
Cyber Security validation

Post-development phase

Production
Operations and maintenance
Decommissioning

The ISO has released a draft version of an automotive cyber security engineering standard (ISO DIS 21434) and has announced to release a new standard for automotive software upload (ISO DIS 24089) to provide common understanding and aspects of automotive cyber security in terms of Processes, Requirements and Guidelines.

Those affected by the ISO 21434 standard are:

Vehicle manufacturers
Suppliers of software-based components/systems
Engineering service providers
Software- and ICT-infrastructure service providers

For software upload, compliance to ISO 21434 is a main requirement along the complete vehicle development and lifecycle supply chain.

Our experts help you to organize your processes and products to be compliant to the ISO 21434 Standard.

Get your offer

UN Regulation on Cyber Security (R155) and Software Update (R156)

The UNECE world harmonization forum for vehicle regulations (WP.29) has released two new regulations concerning automotive cyber security (R155) and software updates (R156).

Our experts help you to manage cyber security risks over the complete lifecycle of the vehicle.

Learn more

A vehicle manufacturer must identify and manage cyber security risks concerning vehicles and their connectivity:

Continuous monitoring of threats, vulnerabilities and successful or attempted attacks
Cyber security risk assessments and corresponding mitigations e.g. by software update
During complete lifetime of the vehicle from design to decommissioning

Our experts help you to install and maintain a Cyber Security Management System (CSMS) – or certify your services as well as products and components.

Contact our experts

Vehicle type approval must check the fulfilment of the following requirements:

Certified CSMS at the vehicle manufacturer
Cyber security risk assessment analysis of the vehicle
Implementation of
- Effective risk mitigations
- Measures to detect and prevent cyber-attacks
- Measures to support data forensics
- Type specific monitoring activities

Get your report of all monitored activities checked by our independent experts.

Contact our experts

The vehicle manufacturer must demonstrate process capabilities for:

Recording the hardware and software versions relevant to a vehicle type
Identifying software relevant for type approval including interdependencies for updates
Assessing if a software update affects type approval and safety
Informing vehicle owners of updates
Documentation of all the above

Our experts help you to install and maintain a Cyber Security Management System (CSMS) – or certify your services as well as products and components.

Contact our experts!

Vehicle type approval must check the fulfilment of the following requirements:

Certified SUMS at the vehicle manufacturer
Protected SU ensuring integrity and authenticity
Protected Software identification numbers – readable from the vehicle
For OTA (Over-The-Air): Restoring capability, sufficient power supply, safe execution, check successful SU
Inform users about each update and about their completion or if a mechanic is needed.

Get your report of all monitored activities checked by our independent experts.

Contact our experts!