Automated cybersecurity testing for compliance with UN R 155

The problem of testing the resilience to cyber-attacks is a complex task and involves the validation of vehicle’s security requirements and the execution of penetration tests. OEMs and TIER1s are requested, by the legislation, to certify the application of best practices and to set up a process to continuously monitor new vulnerabilities and threats. Just like other regulations, UNECE R 155 presents, in ANNEX 5, a list of mitigations that needs to be included in the path for reaching product certification.
The Webinar will present a testing approach aimed to deliver robust products that can be certified under UNECE R 155. Drivesec’s team will provide an interpretation of the R 155 Annex 5 mitigations and will present a list of mandatory actions to define the best and most efficient testing strategy. Drivesec will also present a list of tests, associated with Python scripts, which can be executed, by OEMs and Tier1s, to assess products vulnerability. The set of scripts, that will be presented, covers attack simulation, fuzzing of interfaces and requirements validation. The Webinar proposes an approach to integrate cybersecurity requirements validation in the flow of traditional functional testing.