• Title/Summary/Keyword: TISAX

Search Result 1, Processing Time 0.013 seconds

Designing an evaluation model for cyber security management system implementation for companies participating in the automobile supply chain (based on ISO/SAE 21434 standard and TISAX assessment requirements) (자동차 공급망 참여기업 대상 사이버보안 관리체계 구현 평가모델설계 (ISO/SAE 21434 표준 및 TISAX 평가 요구사항을 기반으로))

  • Baek Eun Ho
    • Convergence Security Journal
    • /
    • v.22 no.5
    • /
    • pp.49-59
    • /
    • 2022
  • Cyber security in the automobile sector is a key factor in the life cycle of automobiles, and cyber security evaluation standards are being strengthened worldwide. In addition, not only manufacturers who design and produce automobiles, but also due to the nature of automobiles consisting of complex components and various parts, the safety of cybersecurity can be secured only when the implementation level of the cybersecurity management system of companies participating in the entire supply chain is evaluated and managed. In this study, I analyzed the requirements of ISO/SAE 21434 and TISAX, which are representative standards for evaluating automotive cybersecurity. Through a survey conducted on domestic/overseas company security officers and related experts, suitability and feasibility were reviewed according to priorities and industries, so 6 areas and 45 evaluation criteria were derived and presented as final evaluation items. This study is meaningful as a study in that it presented a model that allows companies participating in the automotive supply chain to evaluate the current cybersecurity management level of the company by first applying ISO/SAE 21434 and TISAX overall control processes before uniformly introducing them.