Cyber security assurance levels can be used to set objectives and aid in communication outside of security and engineering groups. Their primary use, however, is to assess impacts against a set of given attacks and their associated vectors, specifically the risk of attacks against road vehicles, from negligible to severe.
Attacks may require physical access to the road vehicle or a localized connection that is limited by proximity. The most severe attacks can be conducted remotely through wide area networks or long-range communication methods. Together with your attack vectors, impacts, propagation, and other factors, an assessor can establish a level of confidence associated with an assurance level for each component of a vehicle’s electrical system.
A single assurance level can be assigned to all cyber security goals of a component, or multiple assurance levels can be assigned to each cyber security goal. There is no single mapping of assurance and goals; however, there are appropriate cyber security goals that are unique to each organization’s role within the automotive industry. Goals are typically created with language such as “prevent” or “protect” from a condition, and levels of assurance frame this as a multilayered or “defense in depth” approach. Technical solutions, standards, and requirements should not be included in these goals; their methods should be communicated instead.
Your organization might have a single cyber security goal, or a series of goals, to communicate a roadmap of security maturity for internal and external use. Consider aligning the levels of cyber security assurance to the electrical powertrain roadmap, which provides an opportunity to introduce cyber security maturity. As components gain capabilities for cyber security features, both customers and regulatory agencies will reasonably expect security goal integration.