Nowadays, the automotive sector does not have the obligation to certify the cybersecurity of the vehicles. This makes cyber-attacks common in today’s vehicles, the implications of these attacks are very broad
The automotive industry has been undergoing a major transformation for some years now. The need to reduce the environmental impact produced for so many decades by fossil fuels, means that the future of the automotive industry must involves electric vehicles. In 2020, more than 3 million electrified (plug-in) vehicles, including plug-in hybrids and 100% electric vehicles, were already sold.
Looking at the certifications obtained in Common Criteria, 2020 has been, since the methodology was created, the second in history with the highest number of certified products with 388, only surpassed by 2016 with 395 certifications (7 more).
After almost three years since its creation, the evaluation methodology LINCE, related to cybersecurity of ICT products with medium or low criticality, becomes a UNE standard.
At jtsec we are very proud of this event, since we have participated in the creation of LINCE from the beginning; both in the definition of the LINCE methodology and its adoption as a UNE standard.
Certifying a product under the Common Criteria methodology is not easy, there are several variables, mainly at the beginning of the project, which are key to the proper development of the evaluation.
One of the important decisions to be made is to verify whether the product adapts to the characteristics and requirements of an existing Protection Profile (PP) or not.
