🇬🇧

Automotive Cybersecurity

Cybersecurity assessment services, UNECE R155, ISO 21434 and Type Approval.

Electric hypercar, car-sharing platform, self-driving truck, connected bus, or regular car: Assured has the tools and qualified experience to assess cybersecurity in any vehicle or cyber-relevant vehicle component.

Assured helps automotive OEMs and suppliers meet the demanding cybersecurity requirements of UNECE Regulation R155 and ISO/SAE 21434. Whether you're preparing for type approval, need support with a witnessed test, or want to strengthen your overall automotive cybersecurity posture, our experienced team is here to support you.

Trusted by Leaders in the Automotive Industry: We work with leading automotive companies such as Volvo Group, Group Lotus, Zeekr, Wirelesscar and Einride. Our expertise in automotive cybersecurity is backed by years of experience and a deep understanding of the industry's unique challenges.

Meet UNECE R155 and ISO 21434 Requirements

We all know a vehicle is no longer a stand-alone system; it's interconnected from the DevOps pipelines to production facilities, from digital twins to service stations, from Apps to Over-The-Air updates. Assured can support you in assessing, testing and improving the cyber security in any parts of your product lifecycle.

We tailor our work to your needs, making sure you get the best value of our services, while making sure you get technical expertise supporting UN Cybersecurity Regulation No. 155, No. 156 and the ISO/SAE 21434 standard.

In the early stages of your product development, we can help you with threat modeling and risk assessment, setting up a secure development lifecycle (SDL) and DevSecOps practices. This ensures that security is integrated into the requirements, design and specification stages, reducing vulnerabilities and improving overall security posture.

When implementation is underway, we can assist with secure development for your software and hardware components, ensuring that security is built into the product from the ground up. This includes secure coding practices, code reviews, and vulnerability assessments.

Cybersecurity Assessment Services

During the component and system testing phases we can support you with cybersecurity assessment services such as penetration testing, cloud infrastructure and back office security testing, and mobile app security testing.

Our reports include detailed findings, risk assessments, and actionable recommendations to help you address any identified vulnerabilities. Where applicable, our reported findings conform to the R155 Annex 5 threats and mitigation techniques as well as risk assessment as proposed in ISO 21434. We also provide verification testing services to validate that the issues have been resolved.

Performing a penetration test on a vehicle is a complex task, and we have the tools and expertise to perform this thoroughly and effectively. Our team can simulate real-world attacks to identify vulnerabilities in your vehicle's systems, ensuring that they are robust against potential threats.

Our expertise extends to all aspects of automotive cybersecurity, including Telematics, Infotainment, Diagnostics, Over-the-Air (OTA) updates, Fleet Management, connected accessories such as Mobile Apps and Key Fobs, etc.

Support for Witnessed Tests & Type Approval under UNECE R155

When your product is ready for type approval and witnessed testing, we can help you prepare, analyze and understand technical security documentation for R155 and ISO 21434 compliance. We also provide services during witnessed tests, where our experts can perform security verification tests under the supervision of the type approval authority, or provide expert advisory during the audit.

Why Choose Assured?

We've worked with several prominent parties in the automotive industry as penetration testers, long-term contractors and as research partners. Most recently we have been engaged with Group Lotus, Volvo Group, CEVT, Wirelesscar and Einride. Among our customers and partners you will also find RI.SE, Autocom, Zacco and Combitech.

Being situated in Gothenburg, we have the forefront of the automotive industry, research and development at our doorstep.

Please get in touch if you are interested in how Assured can assist in making your vehicles cybersecurity resilient and regulations compliant.

Frequently Asked Questions

  • Automotive cybersecurity compliance refers to meeting the regulatory and technical requirements that ensure a vehicle's electronic systems are protected against cyber threats. Two key standards in this area are UNECE Regulation R155 and ISO/SAE 21434.

  • Compliance with R155 is legally required for vehicle type approval in many markets, including the EU. ISO 21434 supports this by offering structured guidance for identifying and mitigating cybersecurity risks. This is to ensure that vehicles' cybersecurity is tested, verified, and managed.

  • Type approval is needed when a new vehicle type is introduced, or when significant updates to electronic systems are made that could affect cybersecurity compliance. Witnessed tests, where the regulatory body witnesses a selection of security tests, are typically required as part of the type approval process.

  • We help you meet the requirements of UNECE R155 and ISO 21434 by delivering structured assessments through penetration testing, vulnerability assessments, advisory on secure design, support during type approval including witnessed testing, and more. You receive clear documentation, guidance, and expert support throughout the process.