As the development process evolves, the integration of components takes place, which may lead to potential new vulnerabilities which have to be prevented. For that it will be necessary to refine the previously defined cyber security requirements. This task may be an iterative process, since all the systems and components are gradually incorporated. When implementing the requirements, it is important to follow technical best practices such as secure programming, software development guidelines or hardware redundancy mechanisms, among other techniques. The correct allocation and implementation of the requirements for each system or component should also be verified.
Main Question
Is a review of the architectural design considered based on frequently updated requirements?
Sub-Questions
- Is a process established to verify the implementation of cyber security requirements?
References
- ISO (2020) TR 4804: Road vehicles — Safety and cyber security for automated driving systems — Design, verification and validation. Available at: https://www.iso.org/standard/80363.html (Accessed: 18 October 2023)
- ISO/SAE (2021) 21434: Road vehicles – Cyber security engineering. Available at: https://www.iso.org/standard/70918.html (Accessed: 18 October 2023)
- UNECE (2021c) Uniform provisions concerning the approval of vehicles with regards to cybersecurity and cybersecurity management system. Available at: https://eur-lex.europa.eu/eli/reg/2021/387/oj (Accessed: 27 October 2023).