ESCRYPT Vehicle type approval readiness assessment

Since January 1, 2023, automotive cybersecurity solutions from ESCRYPT have been offered under the ETAS brand. Read more.

The type approval of vehicles will soon only be possible if a certified cybersecurity management system is in place. ETAS supports manufacturers and suppliers to understand and implement the new cybersecurity requirements by conducting a vehicle type approval readiness assessment.

How prepared are you for the new cybersecurity requirements?

The UN Regulation 155 requires adequate security for vehicle types. From 2024, vehicle types must have been developed according to a certified Cybersecurity Management System (CSMS). This makes a technical security gap analyses of future and legacy architectures for WP.29 necessary.

ETAS’ technical vehicle type approval readiness assessment provides a sound foundation for technical roadmaps, budget estimation and business decisions.

The vehicle type approval readiness assessment is a component of PROOF, ETAS‘ Product Security Organization Framework. PROOF is a proven approach to guide manufacturers and suppliers from the first readiness check to the commissioning and operation of a CSMS.

It takes time to implement the new cybersecurity requirements into your processes. Start today if you want to ensure your future products receive type approval.

With AUTOSAR to UNECE-compliant cybersecurity – Watch our webinar recording to learn how to realize type-approvable development and retrofit of E/E architectures with AUTOSAR.

Assessing type approval readiness

The method

ETAS’ vehicle type approval readiness assessment focuses on the critical elements as well as E/E level measures. Its criteria are based on

  • the regulation text,
  • the task force’s interpretation document,
  • lessons learned from the WP.29 test phase in 2019, and
  • well over a decade of experience in engineering secure vehicle types.

The assessment uses well-defined criticality indicators to identify potentially critical elements of the E/E architecture. These elements are matched with the threats from Annex 5 of the regulation and appropriate security controls. ETAS’ readiness report puts a specific focus on economic considerations in order to balance compliance, security, and financial viability.

Work items

  • ETAS‘ experts conduct a technical analysis of the target vehicle type, i.e. its E/E architecture, together with the customer’s internal stakeholders.
  • In a customer workshop, ETAS leads through a WP.29 gap analysis of vehicle type‘s elements, their cybersecurity criticalities and current security controls.
  • This results in a completed readiness assessment calculation sheet with an initial budget estimation to prepare the vehicle type for approval.
  • Following the workshop, ETAS creates and delivers a readiness report with additional E/E level recommendations that can optimize preparations for type approval.