Introducing Vehicle Cybersecurity (VCS) Audit scheme

The increasing digitization of vehicle systems due to automated driving, connectivity and new mobility concepts has led to increased demands on cybersecurity in electrical and electronic (E/E) systems for vehicles across the supply chain of the automotive industry.

The creation and maintenance of products in deeply integrated supply chains necessitates a sustainable implementation of vehicle cybersecurity (VCS) across the various partners as well as proper risk management and governance from the customer's perspective.

This has already led to an increasing demand for certifications, which currently can only be met by proprietary "ISO/SAE 21434 certifications" from individual audit companies.

The feasibility of a standardized Vehicle Cyber Security (VCS) Audit was successfully proven in a project conducted until 12 October 2023. Following the recommendations of the project group, which has worked on the VCS audit scheme over the last two years, ENX Association is entering into preparation of phase 2 of the development, making audits available to more participants.

The ENX VCS Audit is aimed at automotive suppliers, who are concerned with development or production, or maintenance of electrical and electronic systems for road vehicles. It offers standardized CSMS (Cybersecurity management system) audits by implementing the ISO/PAS 5112 in the context of the ISO/SAE 21434 and leveraging the existing and established audit framework of ENX Association.

ENX will ensure that the mechanism is open, transparent, and trustworthy, and that the interests of stakeholders / of suppliers and engineering providers in integrated solutions and synergies with standards such as TISAX are realized to the best possible extent.

At the same time, ENX will consider with openness and interest the requirements and views of an even broader range of automotive cybersecurity stakeholders - across individual companies and the industry - to achieve the broadest possible understanding and recognition.

Organizations participating in Phase 2 will be able to register for the audit, get audited by audit firms contractually bound and governed by ENX Association and share audit results with other participants.

Stay tuned for additional information. If you want to already indicate your interest in participating in phase 2 and to be among the first to receive information, please contact us (vcs@enx.com).