CHANDLER, Ariz., February 8, 2024 — As everything from infotainment to engine systems in the automotive industry becomes more dependent on wireless and in-vehicle network connectivity, the need for robust cybersecurity measures has increased. The ISO/SAE 21434 standard has emerged to set requirements for road vehicle cybersecurity risk management processes. These cybersecurity requirements help regulate automotive products across the complete product lifecycle—from concept through design, production, maintenance and decommissioning. Adhering to these standards, Microchip Technology’s (Nasdaq: MCHP) corporate processes associated with specific automotive work products have recently been audited by a third party, UL Solutions, and certified as compliant to ISO/SAE 21434.
Developed by the International Organization for Standardization (ISO) in conjunction with the Society of Automobile Engineers (SAE) International, the ISO/SAE 21434 standard was developed to help organizations define cybersecurity policies and manage risk. It is a demanding specification with 45 security categories, known as work products, each of which specifies a unique set of requirements that encompass all aspects of designing electrical and electronic systems for road vehicles, from ICs and software to firmware and libraries.
The ISO/SAE 21434 designation also confirms that a certified corporate cybersecurity management system is in place. This verifies that cybersecurity is a priority focus at the organization, from executive leadership to all organizational disciplines including the design, test, product, applications, marketing, quality, verification and validation teams. Stakeholders involved in the product lifecycle are required to complete cybersecurity training and meet designated qualifications. A Threat Analysis and Risk Assessment (TARA) methodology is also incorporated at multiple stages of the product lifecycle when devices will be integrated into automotive cybersecurity-related platforms.
“Security is a core pillar at Microchip and the ISO/SAE 21434 certification is proof of our dedication to maintaining high standards in automotive cybersecurity,” said Matthias Kaestner, corporate vice president of Microchip’s automotive business. “Our customers can be confident that Microchip is a trusted security advisor with the appropriate expertise to guide them through their automotive cybersecurity design journey.”
While each OEM is responsible for proving compliance at the vehicle level, ISO/SAE 21434 encourages all companies in the production ecosystem to play a role in proactively helping manage cybersecurity threats. Customers utilizing electronic control units that incorporate Microchip’s security products, designed within the ISO/SAE 21434 certified process framework, can be relieved of the arduous task of reviewing thousands of pages of process documentation to determine compliance. This reduces the burden placed on Tier-1s and OEMs to prove they have a strong foundation in security.
To learn more about Microchip’s ISO/SAE 21434 certification and automotive products, visit the automotive security page on the Microchip website.
Resources:
High-res images available through Flickr or editorial contact (feel free to publish):
Image: https://www.flickr.com/photos/microchiptechnology/53496216708/sizes/l/
About Microchip Technology:
Microchip Technology Inc. is a leading provider of smart, connected and secure embedded control solutions. Its easy-to-use development tools and comprehensive product portfolio enable customers to create optimal designs which reduce risk while lowering total system cost and time to market. The company’s solutions serve approximately 125,000 customers across the industrial, automotive, consumer, aerospace and defense, communications and computing markets. Headquartered in Chandler, Arizona, Microchip offers outstanding technical support along with dependable delivery and quality. For more information, visit the Microchip website at www.microchip.com.