New standards such as the ISO/SAE standard 21434 stipulate that the cyber security of vehicle electronics must be guaranteed over the entire useful life of a vehicle. To this end, OEMs must be able to detect and promptly address cyber risks even in vehicles that have already been sold and are in customer hands, for example by providing software patches via the air interface. Against this backdrop, the semiconductor manufacturer Renesas has announced that it will apply ISO/SAE standard 21434 for the development of automotive microcontrollers (MCUs) and system-on-chips (SoC) from January 2022. This underlines the company’s commitment to implementing robust cybersecurity management systems (CSMS).
Both ISO/SAE 21434 and UNECE Directive R155 require cybersecurity to be implemented throughout the automotive supply chain. From July 2022, car manufacturers will be required to have an automotive CSMS for new vehicle types. This ensures that strict cybersecurity processes have been implemented as a prerequisite for vehicle type approval.
Renesas’ commitment to implement ISO/SAE standard 21434 means that OEMs and Tier 1 suppliers can have confidence in Renesas’ product solutions, the company promises. This assurance reaffirms to OEMs and Tier-1s that Renesas is committed to its CSMS responsibility. Future Renesas automotive MCUs and SoCs will be developed to ISO/SAE standard 21434 from January 2022. These include the RL78 (16-bit) and RH850 (32-bit) MCU series, as well as Renesas’ well-known R-Car SoC family.
“ISO/SAE 21434 is the international standard that specifies the safety requirements over the entire lifecycle of a vehicle. Renesas has now adopted this standard. We will establish a safety process whose requirements definition includes the analysis, implementation and evaluation of all safety aspects, using or further optimising the existing development process,” explains Takashi Yasumasu, vice president of the Automotive Core Technology Development Division at Renesas. “This enables us to provide products and solutions that incorporate the appropriate mitigation measures based on a hazard analysis.”
The chipmaker has been a major global contributor to the development of the ISO/SAE-21434 standard. In 2019, Renesas was certified by TÜV Rheinland as compliant with the IEC 62443-4-1 standard, which specifies requirements for the safety development process of industrial products. Based on these achievements and experiences, the company will continue to improve its automotive CSMS processes to meet the new requirements and expectations of ISO/SAE 21434 and perfect its cybersecurity measures.
As part of the automotive CSMS envisaged by the aforementioned standards, Renesas will not only deploy security development officers in the hardware and software areas, but also experts in overall system security. Based on its long experience in developing MCUs and SoCs that comply with the ISO 26262 functional safety standard, Renesas is addressing the additional challenges of the cybersecurity market, including the requirements of ISO/SAE 21434.