ISO 21434 Compliant Automotive Cybersecurity Development: Ensuring Secure-By-Design

Automotive Cybersecurity as per ISO 21434: Solutions and Services

Automotive cybersecurity is the practice of protecting vehicle systems, electronic control units (ECUs), and in-vehicle networks from unauthorized access, data breaches, and cyberattacks that could impact safety, performance, or privacy.

Securing a vehicle connected to multiple data sources over different networks is a technology intensive task. And a very crucial one at that! Each connected module in a vehicle is a potential entry point for cyber-attacks.

We at Embitel, have delivered multiple automotive projects with cybersecurity at their core. So, we know where to put the plug! Automotive cybersecurity is all-pervasive, hardware, software, network, and cloud; we help you secure each one of them. From building secure bootloaders and Transport layer security to Trusted Applications for automotive cybersecurity and Public Key Infrastructure (PKI) services , we implement cybersecurity in all its forms.

Customer Success Story: Enabling Secure Boot through our Flash Bootloader

Business Challenge:

Authenticity and integrity of the data to be flashed on automotive ECUs must be ensured to avoid mishaps.
Solutions like ADAS, Telematics, Body Control Modules, etc. require secure Bootloaders equipped with features such as Digital Signature, Encryption, HMS and others.

Embitel’s Solution:

We have developed secure Bootloader solutions for our customers based on their specific security requirements. Our bootloader solution comprises security features including AES-128, Digital Signature, CRC32, HMS Drivers, Secondary Bootloader (SBL). These components ensure that the inter-ECU data transmission is secure and data integrity is not compromised.
AES 128 algorithm has been used for encryption/decryption of the image file. Data is secured using the AES 128 algorithm before sending it to the ECU from the flashing device.

Automotive Cybersecurity Service Offerings

business-people-discussing-digital-tablet-laptop

Cybersecurity Management & Planning

Tailored planning of cybersecurity activities aligned with project goals.
Creation and maintenance of cybersecurity plans, cases, and relevance/reuse analysis.
Execution of post-development cybersecurity release validation.

businesswoman-networking-using-digital-devices

TARA & Risk Assessment as a Service

Systematic TARA with asset identification, attack path analysis, and impact evaluation.
Risk treatment recommendations for identified scenarios.
Review and validation of existing TARA documents to ensure industry compliance and gap closure.

Cybersecurity Item Definition & Concept as a Service

Identification of items at system, vehicle, and component levels.
Creation of high-level cybersecurity goals, controls, and claims tailored to project requirements.
Review and evaluation of existing item definitions and cybersecurity concepts.

Testing & Validation as a Service

Comprehensive fuzz testing, penetration testing, and VAPT (Vulnerability Assessment and Penetration Testing).
Validation of cybersecurity controls to ensure system resilience and readiness for deployment.

Trusted Applications Development

Development of Trusted Applications (TAs) for modern automotive ECUs.
Built on OP-TEE or Kinibi platforms, aligned with GlobalPlatform standards.
Enable secure boot, secure key storage, and secure OTA updates.

Public Key Infrastructure (PKI) Services

End-to-end PKI for automotive and IoT security.
HSM-backed key generation and certificate management.
Supports OTA signing, token management, and firmware encryption.
Built on certified infrastructure, trusted by global leaders.

Cybersecurity Controls Software Development

Development of software controls: Secure Onboard Communication (SecOC), cryptographic stacks, secure diagnostics, storage solutions, and secure coding.
Support for both AUTOSAR and non-AUTOSAR
Extended solutions: Secure OTA, IDPS, secure key management and replacement, secure runtime environments, secure logging, and secure toolchain.

Understanding Automotive Cybersecurity Use-cases

Infotainment Systems: The Interface of Convenience and Risk

Modern infotainment systems offer a range of functionalities from navigation to connectivity features. However, their connectivity to external networks makes them vulnerable.

Vulnerabilities:

Infotainment systems, being connected to the internet, are exposed to the same risks as any online device.
The integration with other vehicle systems can be exploited to gain unauthorized control.
Software bugs or outdated systems can be gateways for malware.

In-Vehicle Network: The Backbone of Automotive Communication

The in-vehicle network, consisting of various bus systems like CAN, LIN, and Ethernet, is vital for communication between different vehicle components. As the complexity of these networks increases, so does the risk of cyberattacks.

Vulnerabilities:

Unsecured communication channels can be intercepted.
The network can be overloaded or disrupted, affecting vehicle functionality.

Electronic Control Units (ECUs): The Heart of Vehicle Functionality

As ECUs get more connected to the outside world (V2X, FOTA), they become prime targets for cyberattacks.

Vulnerabilities:

Unauthorized access to the ECU can lead to the manipulation of vehicle controls.
Software flaws can be exploited to compromise vehicle safety features.
Lack of encryption and secure communication channels can make ECUs susceptible to attacks.

Why Partner with Us

Dedicated Team

A dedicated team of cybersecurity experts manages the project and closely monitors each activity

End to End Cybersecurity

Our automotive cybersecurity approach is designed to cater end-to-end cybersecurity requirements- from gap analysis to compliance

Successful Deliveries

We have delivered secure bootloader solutions, software stacks implemented with Transport Layer Security (TLS) module and state-of-the-art security algorithms

What does ISO 21434 standard entail?

ISO/SAE 21434 is a comprehensive standard that outlines the requirements for cybersecurity risk management in the design and production of automotive systems. This standard is essential for OEMs and Tier-1 suppliers as it guides the integration of cybersecurity measures across the vehicle's lifecycle.

It emphasizes the development of a robust cybersecurity management system, systematic risk assessment through TARA, and integrating security into the product development lifecycle.

The standard also focuses on efficient incident response, industry collaboration for knowledge sharing, and stringent documentation practices. Essentially, it ensures that automotive products are secure and compliant in an era of increasing cyber threats.

How does Embitel support for ISO 21434

Embitel can assist in conducting thorough risk assessments (TARA) to identify potential cybersecurity threats and develop effective mitigation strategies.
We provide support for aligning with ISO/SAE 21434 standards for cybersecurity management.
We can help establish Cybersecurity Management Systems for managing risks throughout the product lifecycle.
Our teams offer support in creating secure automotive software from design to production.
We offer extensive testing services including fuzz testing and penetration testing as per ISO 21434 standard.

Automotive Cybersecurity Lifecycle as per ISO 21434 Standard

Cybersecurity Item Definition: We will assist you in clearly defining the cybersecurity items, ensuring a solid foundation for building ISO 21434 compliant automotive solutions.
Threat & Risk Analysis / Risk Treatment: Expertise in conducting thorough threat and risk analyses (TARA), followed by effective risk treatment strategies, crucial for achieving ISO 21434 compliance.
Cybersecurity Concept: Embitel's approach in developing comprehensive cybersecurity concepts can guide you in establishing robust security frameworks aligned with ISO 21434 standards.
Technical Cybersecurity Concept: By developing technical cybersecurity concepts, we will support in detailed planning of security measures.
Secure Design: We integrate cybersecurity considerations into the core of automotive product design, in line with ISO 21434 requirements.
Source Code Analysis: With services in source code analysis focused on cybersecurity, we can help identify and mitigate potential security vulnerabilities early in the development process, essential for ISO 21434 compliance.
Design Verification as per ISO 21434: Embitel offers design verification services that align with ISO 21434, ensuring that the cybersecurity design meets all required standards and specifications.
Concept Verification: Through concept verification, we help validate that the cybersecurity concepts are effectively addressing the identified risks and are in compliance with ISO 21434.
Acceptance Testing: Our acceptance testing services ensure that the final automotive products meet all cybersecurity requirements as per ISO 21434, ready for market release.
Cybersecurity Case Report:: We aid in the preparation of cybersecurity case reports, documenting the cybersecurity measures and their effectiveness, a key component for demonstrating ISO 21434 compliance.

Automotive Cybersecurity Applications

Hardware Security

Software Security

Network Security

Cloud Security

Development of device drivers for built-in hardware security module (HSM)
Secure boot and memory protection of the hardware modules

Secure ECU flashing through secure bootloaders
Secure remote vehicle diagnostics over DoIP
Development of Trusted Applications for TEEs such as OP-TEE and Kinibi.

Cybersecurity compliant communication protocols such as CAN, DoIP, J1930 etc.
Secure communication between the vehicle and external infrastructure (V2V and V2X)

Secure over-the-air upgrades (FOTA)
Secure authentication for data communicated to and from cloud

Development of device drivers for built-in hardware security module (HSM)
Secure boot and memory protection of the hardware modules

Secure ECU flashing through secure bootloaders
Secure remote vehicle diagnostics over DoIP

Cybersecurity compliant communication protocols such as CAN, DoIP, J1930 etc.
Secure communication between the vehicle and external infrastructure (V2V and V2X)

Secure over-the-air upgrades (FOTA)
Secure authentication for data communicated to and from cloud

Frequently Asked Questions on Automotive Cybersecurity

Ans. ISO 21434 standard has recently been published. However, our cybersecurity team has been closely following the various stages that the standard has gone through. Hence, we have a fair understanding of the standard.

We have been delivering cybersecurity related projects before the release of ISO 21434 standard, primarily based on its draft version. Since, the standard is now published, we follow the automotive cybersecurity guidelines as prescribed in the standard for all cybersecurity related projects.

Ans. Yes, we can make your existing automotive solution compliant to automotive cybersecurity. The process requires gap analysis and an assessment of existing cybersecurity measures. After the gap analysis, we will lay down the requirements and make changes in the solution. The changes might affect the entire system architecture, introduce new validation and verification methods and more depending on various factors.

Ans. Diagnosing a vehicle remotely has emerged as a convenient for the customer as well as the service center. But it also opens up a potential threat of unauthorized access to the vehicle function. We have a ready-to-deploy DoIP protocol software that enables remote ECU diagnostics. It is made secure by the Transport Layer Security module (TLS module) among other features such as Secure Socket Layer (SSL) and IP security.

Ans. We have delivered FOTA solution to our customers with security features as required by the projects’ specifications.

Let’s look at all security features implemented:

Code signing to ensure trustworthiness (data integrity & source authentication) of the firmware image to be updated.
Integration of Wi-Fi/Bluetooth/GPRS/GSM modules for secure communication between the FOTA server and the target devices.
Integration of the firmware with IoT protocols such as MQTT, CoAP; HTTPS & SSL for secure data exchange
We have chosen specific encryption methods to check the sanity of the update package

Ans. We equip our Secure Bootloader solution with AES-128, CRC32, HMS Drivers, Digital Signature and Secondary Bootloader (SBL) features. These components make sure that that the data transmission between ECUs is completely secure.

A snapshot of our Flash Bootloader’s security features:

Cybersecurity is implemented as per the project’s requirement and in case of an ISO 26262 compliant project, the ASIL grade assigned to the solution.
Secondary Bootloader also helps in securing Bootloader software. follows the following sequence:
Our secure Bootloader solution uses SHA 256 Algorithm for Digital. ECU validates this digital signature before downloading the image file for ECU flashing.
Data Integrity is validated using CRC32, an error detecting code part of the platform software of the Bootloader solution.
Few microcontrollers come with built-in HSM module that implements security for the Bootloader. We develop the HSM device driver for the Bootloader Software to access the HSM module of the microcontroller.

Ans-

With the connected cars and SDV approaches, the software composition in the vehicle is ever increasing. An automotive vehicle is technically now a software on wheels with an increased vulnerability to cyber threats.
Hence many countries around the world have adopted/ planning to adopt UNECE WP.29 regulations which requires automotive manufacturers to provide proof of cybersecurity measures for vehicle type approval.
The Automotive-SPICE 4.0 also has now incorporated cybersecurity process group setting the expectations on the industry, especially for the automotive suppliers involved in product development.

Ans- Yes, we develop Trusted Applications for automotive cybersecurity use cases. Some of our delivered projects include development of hard/soft OTP TA, blade authentication, cryptographic services etc. We work closely with Tier-1s and OEMs to tailor each TA to their SoC, operating system, and security requirements.

Ans- We’ve delivered the following types of Trusted Applications to customers:

Cryptographic Services TA – Performs secure key storage and crypto operations (AES, RSA, ECC).
Secure Communication TA – Establishes encrypted channels, validates messages over UART, SPI, etc.
Hardware Access Control TA – Manages access to SoC peripherals with rule-based enforcement.
Firmware Rollback Prevention TA – Blocks older firmware using version checks and rollback counters.
Device Authentication TA – Verifies connected modules using challenge-response without HSM.,/li>
Secure Data Storage TA – Stores secrets and configs in TEE-backed secure storage.
Tamper Detection TA – Monitors for unauthorized access and logs security violations.

Ans- Automotive industry has adopted ISO26262 as a de-facto standard for making the vehicles safe. This standard has already been practiced in the industry by both OEM and suppliers for vehicle homologation and component development. ISO26262 addresses to limit or eliminate the unintended system behavior that can lead to safety issues. However, this does not address the intentional manipulation of the system by an external entity that could potentially compromise the safety of vehicle, its users and the road occupiers. Hence the security and safety go hand in hand in the modern connected vehicles. ISO 21434 is the standard that guides automotive cybersecurity.

Automotive Cybersecurity Blogs, Webinars and More

Integration of ISO 26262 Compliant Functional Safety and Automotive Cybersecurity
Modern connected vehicles need to be as secure as they are safe. In many aspects, security will be directly responsible for safety of the vehicle. Hence, there is a need for cybersecurity and functional safety to work in tandem.
Automotive Cybersecurity: The Foundation of Next-Generation Vehicle Technology
As cars transform into complex software system with numerous connected ECUs, they become more vulnerable to cyber-attacks. This necessitates a shift in vehicle architecture towards a secure-by-design approach.
Cybersecurity Risks and Preventive Measures for EV Smart Charging System
What are the cybersecurity risks associated with charging system for electric vehicles? Are there enough preventive measures in place to mitigate these risks?
Automotive Cybersecurity and the Role of Threat Analysis and Risk Assessment- TARA
As vehicles transform into highly connected, software-driven machines, protecting them from cyber threats has become paramount.

Knowledge Bytes: Insights on Automotive Cybersecurity

What is Automotive Cybersecurity?

Automotive cybersecurity is all about protecting the vehicle electronic components from unauthorized access and control. Growing degree of connectivity in vehicles creates avenues for amazing features. However, connectivity to external entities also makes the systems vulnerable to cyber-attacks. Automotive cybersecurity is a set of measures that can identify and thwart such attacks and keep the vehicle occupants safe.

Cybersecurity for road vehicles has been standardized in ISO 21434 standard. This standard defines the engineering requirements for managing the risks associated with cybersecurity. Right from the concept phase to component decommissioning, the standard has a framework for cybersecurity processes.

What are the different facets of automotive cybersecurity?

Automotive cybersecurity makes sure that the data transmitted to and from the vehicle ECU is delivered unchanged and to the intended party. To achieve this, three important aspects are controlled- Authenticity, Integrity, and Confidentiality.

Authenticity of the data implies that the data has been exchanged in a trustworthy manner and has been delivered to the intended receiver.

Integrity of the data means that the data has not been tampered with and the content is delivered unchanged and complete.

Confidentiality entails that there is encryption algorithm securing the data and to prevent it from being accessed and read by unauthorized recipient.