With vehicles on our roads becoming increasingly connected, the risk of cyber-attacks is increasing. For several years, ACTIA has been taking steps to quickly adopt forthcoming regulations and standards such as UN-ECE or ISO/SAE 21434.
ACTIA, a step ahead in cyber security regulations and standards
ACTIA is actively involved in the work on regulations and standards for automotive cyber security. The aim is to incorporate the requirements set out in these texts in the company’s processes as they are developed. Their principles are intended for road vehicles, but can be applied to all on-board equipment. (in the field of construction or agricultural vehicles, for example).
A UN-ECE regulation for cyber security is being put in place and is expected to enter into force at the end of 2020. In particular, the regulation will require each vehicle manufacturer, along with its suppliers, to implement a management system for the cyber security of vehicles and their components throughout their life cycle. It is sure to be adopted by many countries, which will approve new types of vehicles provided that their manufacturers comply with these requirements.
ACTIA, ISO 27001 certified
ACTIA is highly involved in ensuring the safety of its customers and also earned ISO 27001 certification (Information Security Management Systems) for the manufacture of electronic products and software at its production sites in France.
The scope of this certification will gradually be extended to other ACTIA manufacturing sites worldwide.
ACTIA incorporates security into its organisation
Ahead of the publication of the regulations and standards in the field of automotive cyber security, ACTIA has been making preparations and is ready to take into account the requirements and thus meet all the challenges ahead.
Established three years ago, the Product Safety Department is tasked with developing good cyber security practices and intervening throughout the life cycle of products and services to ensure that information security is properly taken into account.
ACTIA supports its customers to ensure the cyber security of its telematics solutions.
Greater vehicle connectivity is increasingly exposing car manufacturers to cyber-attacks. ACTIA must take them into account throughout the life cycle of its products and services: design, development, production, operation and maintenance.
A leading provider of telematics solutions to car manufacturers, ACTIA has high cyber security standards. This is particularly the case for one of its flagship products: the ICAN2 telematics unit.
All malicious cyber security threats and acts are identified for this product: forgery or misuse of data, intrusion attempts or corrupt systems, etc.
The resulting risks are analysed and appropriate countermeasures are taken.
With its product cyber security team, ACTIA assists project teams and customers in order to take into consideration all aspects related to cyber security. For example, the TGU-R telematics unit, dedicated to the truck, bus and special machinery market, comes with a “cyber security manual”, which allows customers to independently develop their applications, using product security services appropriately.
The industrial players committed to creating a global standard
Automotive manufacturers are actively working on a global standard defining the state of the art in terms of engineering for vehicle cyber security. This standard (ISO/SAE 21434) will be published at the end of 2020. It will be used in particular to provide the necessary evidence to comply with the UN-ECE regulation.
At the European level, work on establishing a vehicle safety certification plan will soon start under the auspices of ENISA (European Information Security Agency) within the framework of the EU cyber security act. ACTIA will take part in this initiative.
By contributing to global regulations and standards for automotive cyber security, structuring the organisation, processes and infrastructure, ACTIA places cyber security at the heart of its corporate culture.