Cybersecurity Services
for Connected Vehicles

Modern vehicles include hundreds of connected components (ECUs) which have the mission to monitor and control the implemented functionality.

YOUR CHALLENGE

While some of the ECUs are responsible for the operation of the main vehicle functionalities such as brakes or engine, others are linked to modern functionalities such as infotainment, vehicle to vehicle, vehicle to infrastructure, etc.

In total, all of these components together need to be robust and well designed from a cybersecurity point of view. In light of recent demonstrated security attacks on cars, cybersecurity is an element that became mandatory also in the landscape or international vehicle regulations.

HOW BV CAN HELP

Bureau Veritas can support you along the way with consultancy in the development of the security features, as well as review of the processes and official regulatory audits.

UNECE Vehicle Regulations

The latest UNECE regulations – on Cybersecurity (R155) and Software Updates (R156) – were created to keep track with the threats associated with a modern vehicle. Such vehicles are designed to facilitate a broad range of external interfaces, car to car and car to infrastructure connectivity, as well as support for (Over The Air) software updates. The regulations put equal emphasize on the processes used by the OEM during the whole life cycle of the vehicle, as well as the testing and validation on the vehicle type itself. A typical audit in line with these regulations will contain a special focus on the documented and implemented services, as well as testing by sampling.

As an entity involved in the development and testing of the new regulations since their draft state, Bureau Veritas can support with a wide range of services, including gap analysis, consultancy and support in implementation, as well as official type approval audits.

OUR CAPABILITIES
Support and Preparation	- Review of processes and consultancy in drafting/implementation - Workshops on cybersecurity and regulatory requirements - Risk assessments on vehicles and components - Penetration testing of components and systems
Compliance and Testing	- ISO/SAE 21434 Compliance Gap Analysis
Certification/Regulatory	- UNECE Cybersecurity (R155) and Software Updates (R156) Compliance Gap Analysis - UNECE Cybersecurity (R155) and Software Updates (R156) Type Approval - Common Criteria Certification

Get in touchwith us

First name

Last name

Phone

Company

Country / Territory

How can we help you?

Would you like to receive marketing communication from Bureau Veritas?

Yes

INFORMATION NOTICE TO DATA SUBJECTS
Your personal data are collected by Bureau Veritas Consumer Products Services Division (“BVCPS”), through its entity Bureau Veritas Hong Kong Limited (having its registered office at 1/F, Pacific Trade Centre, 2 Kai Hing Road, Kowloon Bay, Kowloon, Hong Kong), as well as the BVCPS affiliate(s) with which you had, have or will have a business relationship or that otherwise decide(s) which of your personal data is collected and how it is used.  A list of BVCPS affiliates is available at: BVCPS Locations (https://www.cps.bureauveritas.com/sites/g/files/zypfnx236/files/media/document/BVCPS%20Locations_20210611_for%20web.pdf)
Your personal data are subject to computer processing in order to respond to your requests and to provide you with additional information about BVCPS services, events or topics that may be of interest to you on the basis of your consent to the processing of your personal data for that purpose (by checking the box below).
Your personal data are intended for use by the relevant business departments of BVCPS and/or their service providers depending on the nature of your requests, as well as by BVCPS IT department.    Your personal data will be retained until the earlier of (a) one year after the last communication, or (b) your request to delete the personal data. 
Your personal data may be transferred outside the European Union, on the basis of your explicit consent, as the data subject, to the proposed transfer. By checking the box below, you are providing your explicit consent to the proposed transfer, with your acknowledgement of the possible risks of such transfer due to the absence of an adequacy decision pursuant to Article 45 of the General Data Protection Regulation of 27 April 2016 or of appropriate safeguards pursuant to Article 46 of the General Data Protection Regulation of 27 April 2016.
In accordance with the French Data Protection Act of 6 January 1978 as amended and the General Data Protection Regulation of 27 April 2016, you may have the right to access, rectify and erase any personal data concerning you, as well as the right to limit the processing, the right to oppose to the processing or the right to portability of your personal data. You have the right to withdraw your consent at any time by connecting to the site or application (https://personaldataprotection.bureauveritas.com). and unchecking the box dedicated to the collection of your consent. You also have the right to set out general and specific guidelines that define how you intend these rights to be exercised after your death. You can exercise your rights by e-mail at the following address: https://personaldataprotection.bureauveritas.com. Finally, you have a right to lodge a complaint to the Commission Nationale Informatique et Libertés (CNIL) or the relevant authorities in your country.
Fields marked with an asterisk must be filled in. Otherwise, BVCPS would not be able to respond to your requests and/or provide you with additional information.

Cybersecurity Services for Connected Vehicles

YOUR CHALLENGE

HOW BV CAN HELP

UNECE Vehicle Regulations

Cybersecurity Services
for Connected Vehicles