As everything in the automotive industry, from infotainment to engine systems, becomes more reliant on wireless and in-vehicle network connectivity, the need for robust cybersecurity measures increases.

Microchip Technology Inc. ("Microchip") announced on the 13th that it recently received ISO/SAE 21434 standard certification through an audit by UL Solutions, a third-party organization, for its corporate procedures for certain automotive-related products and related processes.

To enhance security, the requirements for automotive cybersecurity risk management processes have become more complex, and this is where the ISO/SAE 21434 standard came into being. This standard helps regulate cybersecurity risk management processes across the entire life cycle of automotive products, from vehicle design, development, production, maintenance, and disposal.

The ISO/SAE 21434 standard, developed jointly by the International Organization for Standardization (ISO) and the Society of Automotive Engineers (SAE), is designed to help define and establish cybersecurity policies and manage risks. It consists of 45 security categories that cover all aspects of automotive electrical and electronic system design, from ICs and software to firmware and libraries.

ISO/SAE 21434 certification confirms that a certified cybersecurity management system exists within the organization. This demonstrates that cybersecurity is a top priority for all areas of the organization, from top management to design, test, product, application, marketing, quality, product verification, and final acceptance teams.

Stakeholders involved in the product lifecycle must also complete cybersecurity training and meet designated qualifications. The TARA (Threat Analysis and Risk Assessment) methodology used here is used throughout the life cycle of automotive products to analyze potential threats and various vulnerabilities that may arise during the process of integrating devices into automotive cybersecurity platforms, and to assess cybersecurity risks.

“Security is a core value at Microchip, and the ISO/SAE 21434 standard demonstrates our commitment to maintaining high standards for cybersecurity in vehicles,” said Matthias Kaestner, vice president of Microchip’s automotive business unit. “This gives our customers the confidence that Microchip is a trusted, knowledgeable security partner for their in-vehicle cybersecurity designs.”

While each automotive manufacturer (OEM) is responsible for demonstrating compliance at the vehicle level, the ISO/SAE 21434 standard encourages all companies within the production ecosystem to play a proactive role in proactively managing and mitigating cybersecurity threats.

When customers use electronic control devices that incorporate Microchip’s security products designed within a process framework that has achieved ISO/SAE 21434 compliance, they are relieved of the burden of manually verifying compliance, and this also reduces the burden on Tier 1 companies and OEMs in the industry to separately demonstrate that they have a strong security foundation, he explained.