AUTOMOTIVE CYBERSECURITY · ISO/SAE 21434 · UNECE R155

Automotive Cybersecurity Engineering from Architecture to Assessment Readiness.

Agnile supports cybersecurity engineering for connected vehicles, embedded products, IoT systems, and software platforms — with deep specialisation in automotive cybersecurity across ISO/SAE 21434, UNECE R155/R156, TARA, CSMS, secure architecture, implementation support, and validation.

Schedule a 60-minute callContact Us
Certified PractitionersISO 9001ISO 27001

CAPABILITY AREAS

Where our cybersecurity engineering shows up.

Cybersecurity Process & Governance

ISO/SAE 21434 process deployment, cybersecurity planning, distributed cybersecurity activities, cybersecurity interface agreements, CSMS support, and UNECE R155/R156 evidence alignment.

TARA & Risk Engineering

Asset identification, damage scenarios, threat scenarios, attack paths, impact assessment, attack feasibility, risk determination, and risk treatment planning.

Secure Architecture & Implementation

Secure boot, secure flashing, secure diagnostics, HSM integration, AUTOSAR Crypto Stack, SecOC, key management, OTA security, and cybersecurity controls.

Cybersecurity Validation

Security test planning, penetration testing, fuzz testing, vulnerability analysis, defensive coding review, and validation evidence for automotive ECUs and networks.

COMMON SCOPES

Common engagement scopes.

  • ISO/SAE 21434 work-product support
  • TARA facilitation and review
  • CSMS process support
  • Cybersecurity interface agreement support
  • Secure boot / secure flashing / diagnostics hardening
  • HSM and Crypto Stack integration
  • Cybersecurity validation and penetration testing support
  • UNECE R155/R156 evidence preparation support

ENGAGEMENT MODELS

How we engage on cybersecurity programmes.

Three engagement shapes cover where most cybersecurity programmes need support — CSMS process and evidence preparation, focused TARA on a vehicle programme, or independent methodology and evidence review. We scope the actual work based on the system, maturity, and assessment expectations.

  • ENG-01·12–14 weeks

    Gap-to-CSMS Programme

    ISO/SAE 21434 CSMS process support and evidence preparation across relevant lifecycle activities. We perform gap analysis against current processes, support CSMS structure and rollout, run a pilot TARA on a reference vehicle programme, and prepare evidence for customer or third-party assessment. Outcome: a CSMS evidence package structured for assessment readiness.

    ENGAGEMENT FLOW

    Gap Analysis
    3w
    Process Design
    3w
    Pilot TARA
    5w
    Audit Prep
    3w

    DELIVERABLES

    • CSMS process suite
    • Pilot TARA report
    • Evidence pack structured for audit review
  • ENG-02·4–8 weeks per system

    TARA on Demand

    Engineering team augmentation for a specific TARA cycle on one or more vehicle systems. We facilitate workshops, draft Damage and Threat Scenarios, run Attack Feasibility Rating per Annex G, and deliver the complete TARA Report with bidirectional traceability — ready for programme or auditor review.

    ENGAGEMENT FLOW

    Item Definition
    Asset & Damage
    Threat & Attack
    Risk Treatment

    DELIVERABLES

    • Full TARA Report
    • Attack Path library
    • Cybersecurity Goals draft
  • ENG-03·2 weeks

    Cybersecurity Concept Review

    Independent review of an existing CSMS, TARA, or work product set. We pressure-test methodology, traceability, and evidence readiness — useful before a customer, assessor, or third-party review. Outcome: a written assessment with prioritised gaps and a remediation list.

    ENGAGEMENT FLOW

    Document Review
    1w
    Workshop & Q&A
    0.5w
    Assessment Write-up
    0.5w

    DELIVERABLES

    • Independent assessment
    • Prioritised gap list
    • Remediation plan

WHY AGNILE

What we do differently.

  • 01

    Agnile combines ISO/SAE 21434 cybersecurity engineering with KAVACH, its AI-native workspace for automotive cybersecurity evidence.

  • 02

    Certified practitioners with deep automotive cybersecurity domain expertise.

  • 03

    ISO 9001 and ISO/IEC 27001 certified operations ensuring quality and information security.

  • 04

    Production-programme experience across ECUs, ADAS systems, and connected vehicle platforms.

  • 05

    One team for process deployment, product security work, and validation — not three vendors stitched together.

  • 06

    Curated automotive-specific threat database built from public standards, automotive threat catalogues, vulnerability sources, and engineering review patterns.

STANDARDS, IN PRACTICE

Standards we work to — and what each looks like in delivery.

The standards every cybersecurity engagement touches, with the specific work products we deliver against each.

  • ISO/SAE 21434

    Cybersecurity Engineering for road vehicles

    We facilitate TARA workshops, draft Damage and Threat Scenarios, run Attack Feasibility Rating per Annex G, and produce the TARA Report with bidirectional traceability to Cybersecurity Goals and downstream Cybersecurity Requirements.

  • UNECE R155

    Cybersecurity Management System Evidence for Assessment Readiness

    We support CSMS process deployment against UNECE R155 expectations, prepare evidence packages for vehicle cybersecurity assessment, and provide written support during customer, assessor, or third-party review.

  • UNECE R156

    Software Update Management System (SUMS)

    We design SUMS processes covering RXSWIN management, OTA / SOTA / FOTA security, signature verification, and rollback governance — and integrate them with your existing release-management toolchain.

  • AIS 189 / AIS 190

    India-specific automotive cybersecurity norms

    We support engineering teams entering the Indian homologation regime — including AIS-189 (cybersecurity) and AIS-190 (SUMS) compliance, with engagement support for ARAI and iCAT review.

  • AUTOSAR SecOC

    Secure Onboard Communication

    We configure SecOC for selected PDUs across CAN, CAN-FD, FlexRay, and Automotive Ethernet — sizing freshness values, MAC algorithm selection (CMAC/AES-128 typical), and integration with the AUTOSAR Crypto Stack and underlying HSM.

  • EVITA

    Hardware Security Module profiles (Light / Medium / Full)

    We integrate HSM firmware on production silicon — secure boot, secure flashing, key provisioning, and asymmetric crypto for V2X / over-the-air channels — with EVITA-profile selection driven by your threat model.

HOW WE ENGAGE — THE TARA WORKFLOW

From Item Definition to Cybersecurity Assessment Readiness.

Six stages, each with named ISO/SAE 21434 clauses and explicit evidence outputs. Scroll to see how assets, damage scenarios, threats, attack paths, risks, and treatment decisions remain traceable through the workflow.

  1. 01

    Item Definition

    Clause 9.3

    We facilitate the Item Definition workshop — capturing the cybersecurity-relevant boundary, operational environment, and assumptions. Outcome: a written Item Definition that downstream TARA, Cybersecurity Goals, and Concept all trace back to.

    Item Definition (WP-09-01)

  2. 02

    Asset Identification

    Clause 15.3

    Assets derived from the architecture — ECUs, networks, software components, data flows. Each asset gets cybersecurity properties (Confidentiality, Integrity, Availability) and damage-potential estimates per Annex F.

    Asset Register

  3. 03

    Damage Scenarios

    Clause 15.4

    Loss of cybersecurity properties translated into damage scenarios with SFOP impact ratings — Safety, Financial, Operational, Privacy. Aligned to Annex F rating tables; defensible at audit.

    Damage Scenario Catalogue

  4. 04

    Threat Scenarios

    Clause 15.5

    STRIDE-classified threats matched to assets. Drawn from a curated automotive threat corpus (EMB3D, AutoISAC ATM, ASRG XSAM, NVD, GHSA) — with citation provenance back to the source disclosure.

    Threat Scenario Catalogue

  5. 05

    Attack Path Analysis

    Clause 15.6–7

    Attack paths from external interfaces to assets. Attack feasibility rated per Annex G — elapsed time, expertise, knowledge, opportunity, equipment. Output: editable attack trees with quantified feasibility.

    Attack Path Library

  6. 06

    Risk Treatment

    Clause 15.8–9

    Risk Determination per Annex H. Treatment decisions logged — accept, avoid, transfer, mitigate — with mitigation controls mapped to Cybersecurity Goals and downstream Cybersecurity Requirements.

    TARA Report + Treatment Log

CASE STUDY

What this looks like in practice.

Anonymised by request. References available on qualified enquiry.

Anonymised engagement summary. Customer identity and programme details withheld under NDA. Metrics reflect internally documented delivery outcomes.

EUROPEAN POWERTRAIN PROGRAMME · UNECE R155

ISO/SAE 21434 gap-to-CSMS in 14 weeks.

CONTEXT

A European engineering team was preparing for UNECE R155 type approval on a powertrain ECU programme. Their existing cybersecurity process was a mix of Word documents, Excel TARAs, and ad hoc threat modelling — defensible internally, but not survivable at audit. They had 14 weeks before the vehicle programme's Cybersecurity Interface Agreement (CIA) review.

APPROACH

Agnile ran a 3-week gap analysis against ISO/SAE 21434 Clauses 5–15, deployed a CSMS process suite tailored to their existing toolchain (DOORS for requirements, Polarion for testing), executed a pilot TARA on the powertrain ECU under Annex F SFOP rating, and produced the evidence package across 18 work products, structured for audit review.

WHAT WE DELIVERED

  • ISO/SAE 21434 process suite — Clauses 5, 6, 8, 9, 15
  • Pilot TARA report — 24 ECUs, 47 assets, 183 threats
  • Cybersecurity Goals + CAL ratings for the item
  • CSMS readiness assessment for the CIA review
  • Cybersecurity Case structure (WP-06-04) populated

WHAT THE CUSTOMER GOT

  • Passed CIA review on first submission
  • Process suite reused across 4 follow-on programmes
  • Engineering team upskilled — no further external dependency

ASIL D · 24 ECUs · 18 WPs · CIA passed

DELIVERY OPTIONS

Three delivery options. Same engineers. Same evidence.

The deliverables are identical. The cycle time isn't. We can run your TARA in your existing CSMS toolchain or in KAVACH — whichever fits your data-residency, vendor, and audit posture. We can also work in spreadsheets if your audit chain demands it, but you'll feel why we built KAVACH.

BASELINE

Spreadsheets

We work in your existing template — Excel, Word, DOORS, or your team's preferred CSMS toolchain. Slowest cycle; lowest tool-adoption cost.

STEADY

Customer toolchain

We work inside the CSMS toolchain you already operate — CodeBeamer, Polarion, Jira-based workflows, or any in-house TARA platform.

FASTEST

KAVACH

We deliver in our own AI-native ISO/SAE 21434 platform — built by the same engineers running your programme. Order-of-magnitude faster TARA cycle.

See KAVACH

FAQ

Talk to a cybersecurity engineer.

A 60-minute call: scope your gap analysis, score your existing TARA, or pressure-test your CSMS evidence package before an audit. We respond to qualified enquiries within one business day.