In the previous post, we saw an overview of ISO 21434, the key standard for cybersecurity in the automotive industry. This standard, which parallels functional safety standards like ISO 26262, outlines how automotive systems should be designed, developed, and managed so that they are protected from cybersecurity threats throughout their lifecycle.
In this post, we will explore how various roles—such as QA engineers, firmware engineers, system architects, and team leads—are involved in the implementation of ISO 21434 in automotive cluster development. We'll also examine a specific case of a cyberattack during the development phase, illustrating the importance of security measures at every stage of the process.
Key Phases in Automotive ECU Development
There are several stages involved in developing an automotive cluster or ECU. These stages are:
(Figure: Automotive Security Developer Mapping)
- Concept Phase: Identify cybersecurity goals, assets, and potential threats.
- Product Development: Involves system design, software and hardware development, and risk assessment.
- Verification and Validation: Perform testing, QA, and vulnerability assessments.
- Production, Operation, and Maintenance: Implement procedures for continuous security monitoring and updates.
Each of these phases requires input from multiple team members, all of whom have critical roles in ensuring the automotive cluster is resilient to cyberattacks.
The Role of Developers in Implementing ISO 21434
ISO 21434 calls for a team-based, role-specific approach to ensure that cybersecurity risks are adequately addressed during automotive cluster development. Each team has a unique responsibility in maintaining the system's integrity, from concept to end-of-life.
Firmware Engineers
Firmware engineers are responsible for writing and optimizing the low-level code that renders the full set of vehicle parameters on the automotive cluster. Their role in implementing ISO 21434 is central to secure boot implementation, ensuring firmware integrity and managing secure communication between Electronic Control Units (ECUs).
Key Responsibilities
- Secure Boot: Firmware engineers must ensure the boot process is protected through cryptographic checks to prevent tampering.
- Secure Communication: Protocols like TLS or custom encrypted communication between cluster components are designed to mitigate man-in-the-middle attacks.
- Threat Analysis and Risk Assessment (TARA): Participation in TARA to understand potential vulnerabilities in the firmware and design security measures accordingly.
- Patch Management: Maintaining a structured process for securely deploying firmware updates over-the-air (OTA), making sure they are authenticated and free of vulnerabilities.
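As an added example (not code from the original post), here is a bootloader-style check of an authenticated firmware image that covers the secure-boot and OTA points above: the image layout, the key and the MAC-based scheme are assumptions for illustration; many ECUs use asymmetric signatures instead, with the same sequence of checks (length, authentication, then anti-rollback).

```python
import hmac
import hashlib
import struct

# Constructed image layout (an assumption for this example, not a real ECU format):
#   magic "CLST" | version u32 BE | payload_len u32 BE | payload | 32-byte HMAC-SHA256 tag
MAGIC = b"CLST"
HEADER = struct.Struct(">4sII")
TAG_LEN = 32


def build_image(key: bytes, version: int, payload: bytes) -> bytes:
    """Produce an authenticated image the way an OTA backend would (sample data only)."""
    header = HEADER.pack(MAGIC, version, len(payload))
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


def verify_image(key: bytes, image: bytes, min_version: int):
    """Bootloader-side check. Returns (accepted, reason); rejects tampering and rollback."""
    if len(image) < HEADER.size + TAG_LEN:
        return False, "truncated image"
    magic, version, payload_len = HEADER.unpack_from(image)
    if magic != MAGIC:
        return False, "bad magic"
    body_end = HEADER.size + payload_len
    if body_end + TAG_LEN != len(image):
        return False, "length mismatch"
    # Authenticate the header and payload before acting on any field in them.
    expected = hmac.new(key, image[:body_end], hashlib.sha256).digest()
    # Constant-time compare so the check does not leak tag bytes through timing.
    if not hmac.compare_digest(expected, image[body_end:]):
        return False, "authentication failed"
    # Anti-rollback: the version field is trusted only now that the MAC has passed.
    if version < min_version:
        return False, "rollback rejected"
    return True, "ok"
```

The minimum version would live in tamper-resistant storage on a real ECU; here it is just a parameter.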
QA Engineers
QA engineers play a crucial role in ensuring that the automotive cluster is not only functional but also secure. They are the gatekeepers of quality and security in automotive development. In ISO 21434 implementation, QA engineers focus on testing for vulnerabilities and validating that cybersecurity requirements are met throughout the product lifecycle.
Key Responsibilities
- Penetration Testing: Conduct penetration tests to simulate cyberattacks and identify potential weaknesses in the system.
- Static and Dynamic Analysis: Use static analysis tools to review code for common vulnerabilities and dynamic analysis to monitor system behavior under different conditions.
- Functional Safety and Cybersecurity Alignment: Collaborate with teams following ISO 26262 to ensure that safety-critical functions do not introduce cybersecurity risks.
- Fuzz Testing: Testing how the automotive cluster responds to unexpected or malformed data inputs to ensure it doesn’t crash or expose sensitive information.
- Compliance Testing: Verifying that all cybersecurity requirements from ISO 21434 are met, including secure communication protocols, data integrity, and access control measures.
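As an added example (not code from the original post) of the fuzz-testing responsibility above, here is a small mutation fuzzer run against a decoder for a hypothetical 8-byte cluster status frame: the frame layout, signal ranges and both decoders are constructed for illustration; the unchecked decoder trusts the frame length and the fuzzer reports the resulting crashes, while the hardened one rejects malformed and out-of-range input without raising.

```python
import random
import struct

# Constructed layout of a hypothetical 8-byte "vehicle status" frame (not a real DBC):
#   bytes 0-1 speed km/h * 100 (u16 BE), byte 2 fuel % (u8), bytes 3-4 rpm (u16 BE),
#   byte 5 gear (0-8), bytes 6-7 reserved; DLC must be 8.
SPEED_MAX, RPM_MAX, GEAR_MAX = 300.0, 9000, 8


def decode_status_frame_unchecked(frame: bytes):
    """Naive decoder that trusts the DLC: raises on truncated frames (the bug the fuzzer finds)."""
    speed_raw, fuel, rpm, gear = struct.unpack(">HBHB", frame[:6])
    return {"speed": speed_raw / 100.0, "fuel": fuel, "rpm": rpm, "gear": gear}


def decode_status_frame(frame: bytes):
    """Hardened decoder: returns a dict of plausible values or None; never raises."""
    if len(frame) != 8:
        return None  # reject short/long frames instead of indexing past the end
    speed_raw, fuel, rpm, gear = struct.unpack(">HBHB", frame[:6])
    speed = speed_raw / 100.0
    if speed > SPEED_MAX or fuel > 100 or rpm > RPM_MAX or gear > GEAR_MAX:
        return None  # out-of-range signal: treat as invalid rather than display it
    return {"speed": speed, "fuel": fuel, "rpm": rpm, "gear": gear}


def mutate(seed: bytes, rng: random.Random) -> bytes:
    """One random mutation: bit flip, byte overwrite, truncation or extension."""
    data = bytearray(seed)
    op = rng.randrange(4)
    if op == 0:
        data[rng.randrange(len(data))] ^= 1 << rng.randrange(8)
    elif op == 1:
        data[rng.randrange(len(data))] = rng.randrange(256)
    elif op == 2:
        data = data[:rng.randrange(len(data) + 1)]
    else:
        data += bytes(rng.randrange(256) for _ in range(rng.randrange(1, 4)))
    return bytes(data)


def fuzz(decoder, seed: bytes, iterations: int = 2000, seed_value: int = 1234) -> list:
    """Feed mutated frames to the decoder; record crashes and invariant violations."""
    rng = random.Random(seed_value)
    findings = []
    for _ in range(iterations):
        frame = mutate(seed, rng)
        try:
            result = decoder(frame)
        except Exception as exc:  # a crash in a cluster decoder is a finding
            findings.append(("exception", frame, repr(exc)))
            continue
        if result is not None and not (result["speed"] <= SPEED_MAX and result["fuel"] <= 100):
            findings.append(("invariant", frame, result))
    return findings
```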
System Architects
System architects hold the blueprint to the entire automotive cluster and its interactions with other ECUs and external networks. Their role is to ensure that security is embedded into the design from the ground up, making it much harder for attackers to exploit any weak points in the system.
Key Responsibilities
- Security-by-Design: Ensure that security is considered at every layer of the system—from hardware to software.
- Risk Assessment: Evaluating the impact of different attack scenarios and implementing countermeasures to mitigate these risks.
- TARA Involvement: Lead Threat Analysis and Risk Assessments to prioritize security efforts where they are most needed, such as unsecured network interfaces or weak access controls.
- Cryptographic Design: Architects must ensure that cryptographic functions, such as encryption and key management, are integrated into the system architecture.
- System Hardening: Designing the cluster to minimize the attack surface, ensuring that unnecessary features and services are disabled, and network communication is encrypted.
Team Leads and Project Managers
Team leads and project managers are tasked with overseeing the implementation of ISO 21434 throughout the entire development lifecycle. Their role is not only technical but also strategic: ensuring that every team member understands their responsibilities and that security goals are met on time.
Key Responsibilities
- Cybersecurity Planning: Developing and maintaining a cybersecurity plan that spans all phases of the automotive cluster’s development, from concept to decommissioning.
- Cross-Functional Collaboration: Ensure that the cybersecurity requirements are understood and implemented by every team from hardware to software to operations.
- Risk Management: Oversee risk assessments and mitigation strategies, ensuring that cybersecurity risks are continuously tracked and addressed.
- Training and Awareness: Promote security awareness within the team, ensuring that all developers follow best practices and keep up to date with evolving threats.
Cybersecurity Engineers
Although their role is highly specialized, cybersecurity engineers are integral to the development process, providing technical expertise in threat analysis, cryptography and secure software practices. They work alongside firmware engineers, architects, and QA teams to implement advanced security measures and mitigate vulnerabilities.
Key Responsibilities
- Continuous Monitoring: Ensure that security measures are continuously updated in response to new threats.
- TARA Leadership: Lead the TARA process and recommend security controls based on identified risks.
- Incident Response: Develop plans for incident response and recovery in case of a successful cyberattack.
Conclusion
Implementing ISO 21434 in automotive cluster development is a collaborative effort that involves every member of the development team. Firmware engineers, QA engineers, system architects, project managers, and cybersecurity experts all play crucial roles in ensuring that security is embedded at every stage of development.
By following the guidelines laid out in ISO 21434 and learning from past cyberattacks, automotive teams can better protect their vehicles from potential threats, safeguarding both users and the broader ecosystem.