Glossary · ISO/SAE 21434
ISO/SAE 21434
Also known as: ISO 21434, ISO/SAE 21434:2021
International standard for road-vehicle cybersecurity engineering across the lifecycle.
ISO/SAE 21434:2021 — "Road vehicles — Cybersecurity engineering" — defines the process and work-product structure for managing cybersecurity risk through concept, development, production, operation, maintenance, and decommissioning. It introduces the Cybersecurity Management System (CSMS), distributed cybersecurity activities, the TARA methodology, cybersecurity goals/concepts/cases, and the post-development continual activities such as vulnerability handling.
Why it matters
ISO/SAE 21434 is the practical engineering reference that assessment bodies expect in CSMS audits and type-approval submissions for UN R155 markets. Programmes that align early avoid late-stage evidence reconstruction.
Related terms
Organisational management system that governs cybersecurity activities for road-vehicle programmes.
Threat Analysis and Risk Assessment — the structured cybersecurity risk method of ISO/SAE 21434.
Structured argument with evidence that an item's cybersecurity goals are met.
ISO/SAE 21434 Clause 7 contract that allocates cybersecurity activities between customer and supplier.
UN Regulation requiring vehicle manufacturers to operate a certified Cybersecurity Management System.
Need help applying ISO/SAE 21434 on a programme? Use the contact form or request a KAVACH demo.