Abstract
Around the world, car manufacturers face various legal requirements for the type approval of their cars. A certification according to international standards, such asUNECE R-155 „Uniform provisions concerning the approval of vehicles with regards to cyber security
and cyber security management system“ [6], R-156 „Uniform provisions concerning the approval of
vehicles with regards to software update and software updates management system“ [7] (UN-R 155/
156), ISO/ SAE 21434 „Road vehicles – Cybersecurity engineering“ [8] and ISO/ IEC 27006
„Security techniques — Requirements for bodies providing audit and certification of information security
management systems” [9], can considerably accelerate the type approval procedure. [4]
Hence these standards are of large importance for the automotive industry.
To facilitate the handling of said standards, this paper develops a maturity model,
which consolidates all requirements manufacturers and suppliers are facing regarding
cybersecurity management systems (CSMS) and software update management systems
(SUMS) in Europe. The developed maturity model is called AnReiG-Modell (Anforderungen im Reifegrad- Modell).
The model creates transparency on the status of compliance with relevant standards
in Europe. Furthermore, the developed maturity model gives an overview of the
reached maturity level in combination with the actual processing status. It clearly shows
all requirements of given European standards and helps to identify gaps, evaluate status
and facilitates an effective documentation to optimize the type approval process. This
helps in identifying open tasks in the approval process.
Date of Award | 2024 |
---|---|
Original language | German (Austria) |
Supervisor | Eckehard Hermann (Supervisor) |