
With the growing scale and complexity of vehicle software often referred to as the “data center on wheels,” attack surfaces are increasing as do cyberattacks within the automotive market.
The UNECE WP.29 R155 and R156 regulations as well as the ISO/SAE 21434 standard, mandate that OEMs and their supply chain proactively manage cyber risks, and put Cyber Security Management Systems (CSMS) and Software Update Management Systems (SUMS) in place, to safeguard road users, vehicles and the infrastructure across the entire development and lifecycle.
Cyber attacks are a logical consequence of higher software complexity and increased connectivity: Formerly mainly independent electronic domains such as infotainment, ADAS, and powertrain are now interconnected inside the vehicle and communicate with IT systems outside of the car. This leap in complexity of distributed functionalities creates new security risks.

Increased Regulatory Pressure
Vehicle manufacturers must comply with new cybersecurity regulations and standards, such as UNECE WP.29 R155 and R156 and ISO/SAE standard 21434.
Distributed Functionalities
Modern vehicles with advanced features have more than 100 million lines of source code that are always at risk of cyber-attacks.
Vulnerability Threats
Automotive manufacturers and suppliers must be able to immediately identify and eliminate security risks and vulnerabilities on a large scale.

Automotive cybersecurity legislation establishes a set of requirements, practices, and principles to protect connected vehicles from misuse by malicious hackers. Binding standards such as ISO 21434 ensure that evolving mobility technologies meet the requirements for rigorous functional integrity and safety. AVL supports compliance with these standards and continually keeps up to date with regulatory requirements.
The focus is clear: It’s not just about reacting to potential risks, but about building agile cyber resilience across the entire lifecycle of a vehicle. There will probably always be attackers – but effective and highly resilient cyber security will reduce the chance of these nightmares occurring.
At AVL, we support our customers with our comprehensive engineering services from development to in-use phase. Furthermore, we offer a powerful suite of software and testing tools to support and optimize process automation and efficiency.
Easy Cybersecurity Management
We support you to reliably manage cyber risks and vulnerabilities throughout the product lifecycle. In addition, we assist with the implementation of cybersecurity into existing structures.
Efficient Security Processes
We help you setting up efficient certification processes as well as manage and monitor cybersecurity processes in your organization, from vehicle to component level.
Revolutionary Technologies
Benefit from sophisticated tools or from customized engineering services. We act as a collaborative partner, playing a key role in ensuring compliance with regulatory standards and helping you meet the challenges of cybersecurity.
Cybersecurity Risk Analysis
In the system requirement phase this analysis serves as basis for the whole development process and should therefore be performed at the very beginning of a project as it influences also hardware design and software development.
Architecture and Concept Development
Based on high-level security objectives out of TARA we carry out the development of secure-by-design architecture and allocation of security requirements to the components.
Cybersecurity Implementation
It consists of secure software implementation, secure hardware design and secure operating systems and their configurations with respect to valid security-oriented technical standards.
Cybersecurity Verification and Validation
Vulnerability scan and assessment, functional security testing and penetration testing are measures for verification and validation in order to proof the compliance of the technical solution.
Continuous System Care
This describes the Security Live Cycle Management by AVL. It monitors the used security mechanisms, hardware and implementations from development until decommissioning and provides solutions and fixes if new vulnerabilities occur.
Related Topics
We are constantly working on new solutions. The following might be interesting for you:
Moving steadily into the future: Find out what’s brand new in the field of cybersecurity.


Recording available - English

Recording available - English

Recording available - English


Recording available - English

Recording available - English
Do you have questions or want to work with us?
Our experts are happy to help.