1、 Cybersecurity in the automotive industry:Ensuring compliance with UNECE regulations Anastasiya Oblogina Sergey Melnikov 07.02.2024 Version 1.0 CYBERSECURITY IN THE AUTOMOTIVE INDUSTRY:ENSURING COMPLIANCE WITH UNECE REGULATIONS 1 2024 AO KASPERSKY LAB Introduction.2 Cybersecurity in the automotive i

2、ndustry.5 Relevant cybersecurity risks.6 Risks for the vehicle.6 Supporting infrastructure risks.7 Risks for the manufacturers ICT infrastructure.8 Cybersecurity risks associated with supply chains.9 Requirements of UNECE and international standards.10 Managing risks for compliance with UNECE requir

3、ements.13 Risk management for a vehicle and supporting infrastructure.13 Concept phase.14 Product development phase.15 Production phase.17 Operation and maintenance phase.18 End of cybersecurity support and decommissioning phase.19 Risk management for supporting infrastructure.19 Risk management for

4、 the manufacturers ICT infrastructure.20 Supply chain risk management.20 Strategy for implementing cybersecurity requirements.22 CYBERSECURITY IN THE AUTOMOTIVE INDUSTRY:ENSURING COMPLIANCE WITH UNECE REGULATIONS 2 2024 AO KASPERSKY LAB Introduction Automotive cybersecurity has traditionally been a

5、focus of public and regulatory attention.The“Uniform provisions concerning the approval of vehicles with regard to cyber security and cyber security management systems”(UN Regulation No.155),which were adopted by the UNECE,are currently in the stage of being adapted at the national level.These provi

6、sions establish cybersecurity requirements that vehicle manufacturers must comply with in the production of all new types of vehicles,beginning July,2022.The UNECE also adopted“Uniform provisions concerning the approval of vehicles with regard to software updates and software update management syste