ENX PG Vehicle Cyber Security

This Project Group is no longer active, it is going to be transformed into a Working Group for continuous improvments and maintenance of the audit scheme.

Short name: PG VCS

Group type: Project Group

Established: 2021

Mode of work:

  • monthly web conference
  • task-forces on demand

Status: Concluded on 2023-09-28

Contact: Suhas Konanur pg-vcs@enx.com

Report to: ENX Association

Participation and Contact
Join the group

This group is open for vehicle cyber security managers and experts of automotive manufacturers or suppliers. The group will decide on new members. If you want to participate, please contact Suhas Konanur at pg-vcs@enx.com

Questions, Feedback, General Contact

For Questions or Feedback contact Suhas Konanur pg-vcs@enx.com


PG VCS, comprising experts from global automotive OEMs, Tier-1 system suppliers and engineering and software development providers, is formed to create and establish a third-party management system audit scheme to evaluate the CSMS of suppliers. The audit catalogue, developed as part of the audit scheme VCS, implements the audit guidelines of the ISO/PAS 5112 in the context of the ISO/SAE 21434 and the generic management system structure as defined in Annex SL of ISO/IEC directives.

Feasibility of the audit scheme is verified through piloting audit activities across a representative sample of suppliers in the automotive supply chain. Upon proof of feasibility, the project group transforms into a working group to work on continuous improvement and maintenance of the audit scheme.

The work of the PG VCS is intended to create an audit scheme that provides standardised, comparable and customer-independent results and reduces compliance efforts and costs for customers and suppliers alike.


  • Developed CSMS auditing of suppliers within the ENX framework in a standardized, transparent way to realize reliable and comparable audit results
  • Tested the developed VCS audit scheme confirms its feasibility
  • Performed pilot audits that demonstrated the maturity and effectiveness of the VCS scheme
  • Formulated recommendations to the Industry:
    • ENX to provide the project results to the automotive cybersecurity community for further reviewing, commenting and use
    • ENX to make the developed, piloted and revised VCS audit available to interested parties and to recognize the results gained during piloting
    • Establish an ENX industry expert working group responsible for continuous support and improvement of the VCS scheme


  • Wolfgang Löffler, AUDI
  • Hayk Hamazaryan, ZF
Group members
  • Sylke Hauptmann, Autoliv
  • Vicentiu Barbu, Autoliv
  • Björn Maier, AVL
  • Thomas Dirscherl, AVL
  • Ariel Alejandro Risso, Bertrandt
  • Michael Walther, Bertrandt
  • Felix Roth, BMW
  • Ingo Wagner, Continental
  • Suhas Konanur, ENX
  • Dirk Kimmel, Mercedes-Benz
  • Christelle Dardant, Renault
  • Martin Lorenz, VDA