Cybersecurity Services
for New Mobility

The automotive, transport and wider mobility market is undergoing a transformational social, technological and economic shift, fundamentally changing the way people and products are moved.

The automotive industry is swiftly joining the connected device space, with new vehicles integrating thousands of connected components (ECUs), which monitor, control and report upon implemented functionality.

Bureau Veritas helps Automotive and New Mobility OEMs and Infrastructure manufacturers globally create cybersecure devices.

New Mobility Vulnerabilities

While some of the ECUs are responsible for the operation of the main vehicle functionalities such as brakes or engine, others are linked to other functions, for example, in-car entertainment, vehicle-to-vehicle communication, vehicle-to-infrastructure communication, charging stations and more.

These components must have cybersecurity elements to safeguard the safe running of the vehicle and protect passengers inside. In recent years, cyberattacks on personal vehicles have increased, which has seen security against such attacks become mandatory in the landscape of global vehicle regulations.

Bureau Veritas supports our clients throughout the process of cybersecurity certification, with capabilities across consultancy, risk assessments, process review and official regulatory audits.

Certification in New Mobility Cybersecurity

The latest UNECE regulations – on Cybersecurity (R155) and Software Updates (R156) – were created to keep track of the threats associated with a modern vehicle. Such vehicles are designed to facilitate a broad range of external interfaces, car-to-car and car-to-infrastructure connectivity, as well as support for (Over The Air) software updates. The regulations put equal emphasize on the processes used by the OEM during the whole life cycle of the vehicle, as well as the testing and validation on the vehicle type itself. A typical audit in line with these regulations will contain a special focus on the documented and implemented services, as well as testing by sampling.

As an entity involved in the development and testing of the new regulations since their draft state, Bureau Veritas can support a wide range of services, including gap analysis, consultancy and support in implementation, as well as official type approval audits.


Support and Preparation

- Review of processes and consultancy in drafting/implementation
- Workshops on cybersecurity and regulatory requirements
- Risk assessments on vehicles and components
- Penetration testing of components and systems

Compliance and Testing

- ISO/SAE 21434 Compliance Gap Analysis


- UNECE Cybersecurity (R155) and Software Updates (R156) Compliance Gap Analysis
- UNECE Cybersecurity (R155) and Software Updates (R156) Type Approval
- Common Criteria Certification

Get in touchwith us
Would you like to receive marketing communication from Bureau Veritas?
Would you like to receive marketing communication from Bureau Veritas?