Road vehicles - cybersecurity verification and validation
ISO/SAE PAS8477
This document includes technical considerations on the planning and execution of verification and validation (“V&V”) of the cybersecurity of items and components of road vehicles, in the context of ISO/SAE 21434:2021.
This document offers considerations on:
• strategic approaches for V&V activities;
• lists of, or references to, methods that can be applied;
• distribution of V&V activities (between customer and supplier);
• timing and execution thereof.
This document focuses on objectives and approaches and does not prescribe solutions. For example, the choice of methods and the extent of the rigour with which they are applied are part of the item- and organization specific strategic approach.
Rationale: Information on approaches on verification and validation activities for cybersecurity would be helpful to the automotive industry. Some of this content was intended to be included in ISO/SAE 21434, but was removed before publication since the content was not yet mature enough.