In less than a year, every vehicle manufacturer will be required to prove to the Federal Motor Transport Authority (KBA) that the cybersecurity solutions set out in UNECE R155 have been implemented to ensure vehicle security. From this date on, it will not be possible to register new vehicles without a certified Cybersecurity Management System (CSMS). ISO/SAE 21434 is an important building block to fulfill these requirements.
Systems that will facilitate risk detection, risk reduction, threat analysis and regular risk assessment are needed, as is the monitoring of new vulnerabilities and known attacks. Manufacturers are ultimately responsible for continuous security improvements and risk prevention throughout the entire life cycle of the vehicle from July 1, 2024, on. They have to consider both the risks in-house and those along the supply chain.