A comprehensive reference of 50+ terms used across ISO/SAE 21434, UNECE R155, and the broader automotive cybersecurity ecosystem. Whether you are an engineer, auditor, or product manager, this glossary gives you clear, actionable definitions.
ADAS (Advanced Driver Assistance Systems)
A category of electronic systems that assist the driver with driving and parking functions. ADAS encompasses features such as adaptive cruise control, lane-keeping assist, automatic emergency braking, and parking assistance. Because these systems directly influence vehicle dynamics, they are prime targets for cybersecurity threat analysis under ISO/SAE 21434.
ASIL (Automotive Safety Integrity Level)
A risk classification scheme defined by ISO 26262 ranging from ASIL A (lowest) to ASIL D (highest), with QM (quality management) below ASIL A for functions that carry no safety requirement. ASIL determines the rigor of safety processes and the required degree of hazard mitigation. While ASIL addresses functional safety, cybersecurity threats can compromise safety-rated functions, creating an intersection between ISO 26262 and ISO/SAE 21434.
Attack Feasibility
A rating of how practical it is for an attacker to carry out an attack path successfully. The informative Annex G of ISO/SAE 21434 describes three rating approaches: attack-potential-based (summing ratings for elapsed time, specialist expertise, knowledge of the item, window of opportunity, and equipment), CVSS-based (using the exploitability metrics), and attack-vector-based (a coarse rating from physical to network access). Attack feasibility combined with impact determines the risk value of a threat scenario.
Attack Tree
A hierarchical, tree-structured diagram that models the different paths an attacker can take to achieve a malicious goal. The root node represents the attacker's objective, and child nodes represent sub-goals or steps; AND/OR relationships between children express whether all steps or any one of them must succeed. Attack trees are used in ISO/SAE 21434 to systematically decompose threat scenarios and enumerate the attack paths against a vehicle component or system, each of which is then rated for feasibility.
AUTOSAR (AUTomotive Open System ARchitecture)
A global development partnership of automotive OEMs, suppliers, and tool vendors that defines a standardized software architecture for ECUs. AUTOSAR Classic Platform targets deeply embedded, resource-constrained ECUs, while AUTOSAR Adaptive Platform addresses high-performance computing platforms. Both platforms include cybersecurity modules such as SecOC for secure on-board communication and Crypto Stack for cryptographic services.
CAN (Controller Area Network)
A robust serial communication protocol designed for automotive environments that allows ECUs to communicate without a central host computer. CAN was designed for reliability but lacks built-in authentication or encryption: message identifiers are not bound to a sender, so any node on the bus can transmit any ID. This makes it vulnerable to message injection, spoofing, and denial-of-service attacks. Securing CAN communication is a central concern in automotive cybersecurity, addressed by solutions such as SecOC.
CSMS (Cybersecurity Management System)
An organizational framework of policies, processes, and responsibilities for managing cybersecurity risks throughout the entire vehicle lifecycle. UNECE Regulation R155 mandates that OEMs establish and maintain a CSMS as a prerequisite for vehicle type approval. A CSMS covers risk management, threat monitoring, incident response, supply chain security, and continuous improvement.
CVE (Common Vulnerabilities and Exposures)
A standardized identification system for publicly known cybersecurity vulnerabilities. Each CVE entry has a unique identifier (e.g., CVE-2024-12345), a description, and references. In the automotive context, CVE monitoring is essential for tracking vulnerabilities in third-party components, open-source libraries, and communication stacks used in vehicle software.
CVSS (Common Vulnerability Scoring System)
An open framework for communicating the severity of software vulnerabilities on a 0–10 scale. CVSS base metrics assess exploitability (attack vector, complexity, privileges, user interaction) and impact (confidentiality, integrity, availability). ISO/SAE 21434 Annex G allows CVSS-based attack feasibility assessment as an alternative to the attack-potential method.
CycloneDX
An OWASP-originated open standard for Software Bill of Materials (SBOM) that can be serialized as JSON, XML, or Protocol Buffers. CycloneDX supports not only software components but also hardware, services, and vulnerabilities, making it well-suited for automotive applications. It includes built-in support for VEX (Vulnerability Exploitability eXchange) statements, so a supplier can say in the same format whether a listed CVE actually affects the product.
Cybersecurity Goal
A high-level security objective for an item or component, derived from the threat and risk assessment. A cybersecurity goal specifies which cybersecurity property (confidentiality, integrity, availability, or authenticity) must be preserved for a given asset against identified threats. Cybersecurity goals are the starting point for deriving detailed cybersecurity requirements in ISO/SAE 21434.
DoIP (Diagnostics over Internet Protocol)
A diagnostic transport protocol defined in ISO 13400 that carries UDS diagnostics over Ethernet/IP networks. DoIP supports far higher bandwidth than CAN-based diagnostics (UDS over ISO 15765-2 on CAN) and is increasingly used for firmware updates and remote diagnostics. Because DoIP can be routed over IP networks, it introduces new attack surfaces: later editions of ISO 13400-2 define an optional TLS-protected channel, and deployments should use it together with certificate-based authentication of the tester and confine DoIP to authorized network paths.
DUNS Number (Data Universal Numbering System)
A unique nine-digit identifier assigned by Dun & Bradstreet to individual business entities. In the automotive supply chain, DUNS numbers are used to uniquely identify suppliers and manufacturers for traceability and compliance purposes. CSMS processes often reference DUNS numbers when tracking the cybersecurity posture of supply chain partners.
ECU (Electronic Control Unit)
An embedded computing device in a vehicle that controls one or more electrical systems or subsystems. Modern vehicles contain 70–150+ ECUs managing everything from engine control and braking to infotainment and body electronics. Each ECU is a potential attack target and must be included in the cybersecurity threat analysis scope per ISO/SAE 21434.
EPSS (Exploit Prediction Scoring System)
A data-driven model that estimates the probability (0–1) that a known vulnerability will be exploited in the wild within the next 30 days. EPSS complements CVSS by providing a forward-looking risk signal. In automotive vulnerability management, EPSS helps teams prioritize which CVEs demand immediate patching versus monitoring, especially when managing large SBOMs with hundreds of components.
Automotive Ethernet
Ethernet adapted for in-vehicle use over a single twisted pair: 100BASE-T1 (IEEE 802.3bw) and 1000BASE-T1 (IEEE 802.3bp), with a lower-speed multidrop variant (10BASE-T1S) and multi-gigabit variants defined in later amendments. It provides the bandwidth for ADAS sensor data, infotainment, and DoIP diagnostics, and it brings IP-based attack surfaces into the vehicle that require network segmentation, VLANs, firewalls, and intrusion detection.
FOTA (Firmware Over-The-Air)
The process of wirelessly updating the firmware of vehicle ECUs. FOTA enables manufacturers to patch security vulnerabilities, fix bugs, and add features after the vehicle is sold. A secure FOTA mechanism verifies the integrity and authenticity of every image (a code signature checked against a key anchored in the ECU's root of trust), refuses downgrades to older, vulnerable versions (rollback protection), protects the download channel, and can recover from an interrupted update. UNECE R156 requires the manufacturer's software update management system to protect the integrity and authenticity of updates, and because the update path is itself an attack surface, an ISO/SAE 21434 TARA must cover it.
Fuzzing
An automated software testing technique that provides random, malformed, or unexpected data as input to a program to discover crashes, memory leaks, assertion failures, and security vulnerabilities. In automotive cybersecurity, fuzzing is applied to CAN message parsers, Ethernet protocol stacks (DoIP, SOME/IP), diagnostic services (UDS), and Bluetooth/Wi-Fi interfaces to identify vulnerabilities before production.
Gateway ECU
A specialized ECU that acts as a bridge and firewall between different in-vehicle network domains (e.g., powertrain CAN, chassis CAN, infotainment Ethernet). The gateway controls which messages can pass between domains, filters unauthorized traffic, and enforces network segmentation. It is one of the most security-critical components in a vehicle architecture because its compromise can grant access to all network segments.
HSM (Hardware Security Module)
A dedicated, tamper-resistant security component that provides secure key storage, cryptographic operations, and a root of trust for secure boot. In automotive microcontrollers the HSM is usually an on-chip subsystem with its own processor core, memory, and cryptographic accelerators, isolated from the application cores (the EVITA project's Light, Medium, and Full HSM classes are still used to describe these). HSMs protect cryptographic keys from extraction even if the host ECU software is compromised. In automotive applications, HSMs are essential for SecOC message authentication, secure boot chains, and certificate management.
Hardening
The process of reducing the attack surface of a system by removing unnecessary services, closing unused ports, disabling debug interfaces, applying least-privilege principles, and enforcing secure configuration baselines. In automotive systems, hardening measures include disabling JTAG in production, removing development backdoors, restricting diagnostic service access, and minimizing the OS footprint on ECUs.
IDS (Intrusion Detection System)
A system that monitors network traffic or system behavior for signs of malicious activity or policy violations. In automotive applications, IDS solutions monitor CAN bus traffic for anomalous message patterns, Ethernet traffic for unauthorized access attempts, and host-level activity on ECUs for suspicious behavior. IDS feeds into the vehicle Security Operations Center (vSOC) for fleet-wide threat monitoring.
ISO/SAE 21434
The international standard “Road vehicles — Cybersecurity engineering” published jointly by ISO and SAE. It defines cybersecurity engineering requirements throughout the vehicle lifecycle: concept, product development, production, operations and maintenance, and end of cybersecurity support and decommissioning. Key clauses cover organizational cybersecurity management (Clause 5), continual cybersecurity activities such as monitoring and vulnerability management (Clause 8), and the TARA methods (Clause 15). UNECE R155 does not mandate the standard by name, but it is the recognized way to demonstrate the engineering practices R155 requires, so conformance is effectively expected for type approval.
ISO 26262
The international standard for functional safety of road vehicles with electrical and electronic systems. ISO 26262 defines the ASIL classification and governs the entire safety lifecycle. While it focuses on random hardware failures and systematic software faults (not malicious attacks), there is a critical interplay with ISO/SAE 21434: cybersecurity threats can compromise safety-rated functions, requiring coordinated analysis between safety and security teams.
Key Management
The set of processes and technologies for generating, distributing, storing, rotating, and revoking cryptographic keys throughout the vehicle lifecycle. Automotive key management must handle keys for SecOC message authentication, secure boot verification, TLS communication, V2X certificates, and diagnostic authentication. It spans factory provisioning, in-field updates, and end-of-life decommissioning, often relying on HSMs and a backend Public Key Infrastructure.
LIN (Local Interconnect Network)
A low-cost, single-wire serial communication bus used in vehicles for non-safety-critical subsystems such as seat control, mirror adjustment, window regulators, and interior lighting. LIN operates at lower speeds than CAN (up to 20 kbit/s) in a single-master, multiple-slave topology (commander/responder in newer terminology). While LIN has fewer direct attack surfaces than CAN due to its limited connectivity, compromised LIN nodes can be used as stepping stones if they share an ECU with higher-privilege network domains.
Misbehavior Detection
A security mechanism, primarily used in V2X (Vehicle-to-Everything) communication, that identifies participants sending false or inconsistent messages. Misbehavior detection algorithms analyze the plausibility of received V2X data (position, speed, heading) against sensor data and physical models. Detected misbehavior triggers certificate revocation through the SCMS (Security Credential Management System), protecting the V2X ecosystem from Sybil attacks and false information injection.
NVD (National Vulnerability Database)
The U.S. government repository of vulnerability data maintained by NIST, built upon the CVE system. NVD enriches CVE entries with CVSS scores, affected software configurations (CPE), and references. Automotive cybersecurity teams use NVD feeds to continuously monitor for vulnerabilities affecting vehicle software components identified through their SBOM, as required by ISO/SAE 21434 Clause 8 for continuous cybersecurity activities.
OBD-II (On-Board Diagnostics II)
A standardized vehicle diagnostic port (mandated for all cars sold in the US since 1996 and, as EOBD, for petrol cars in Europe since 2001) that provides access to the vehicle's internal network for emissions testing and fault diagnosis. The OBD-II port is a well-known physical attack vector because in many architectures it sits directly on a CAN bus, and any device plugged in (including aftermarket dongles) can transmit frames. Cybersecurity measures include placing the port behind a filtering gateway, requiring authentication for diagnostic sessions, and limiting the services reachable through OBD-II.
OCSP (Online Certificate Status Protocol)
An internet protocol used to check the current revocation status of a digital certificate by querying a responder operated by or for the issuing CA. In automotive PKI, OCSP allows vehicles and backend servers to verify that a certificate has not been revoked before trusting it for TLS communication or diagnostic authentication (V2X credentials are instead revoked through revocation lists distributed by the credential management system). OCSP stapling reduces latency and removes the client's dependency on reaching the responder: the server attaches a recent, CA-signed OCSP response to the TLS handshake. Because a vehicle is not always online, stapling, short-lived certificates, or revocation lists delivered with updates are the practical alternatives to a live OCSP query from the vehicle.
OTA (Over-The-Air Updates)
A general term for wireless delivery of software, firmware, or configuration updates to vehicles. OTA encompasses both FOTA (firmware) and SOTA (software) updates. A secure OTA architecture includes code signing, transport encryption, version verification, rollback protection, and atomic update mechanisms. UNECE R156 establishes regulatory requirements for OTA update management systems.
PKI (Public Key Infrastructure)
A framework of policies, hardware, software, and procedures for creating, managing, distributing, and revoking digital certificates. In automotive, PKI underpins secure communication (TLS for backend connectivity), code signing for firmware updates, V2X certificate management, and diagnostic authentication. Automotive PKI must handle the unique challenges of long vehicle lifetimes (15+ years), limited connectivity, and massive scale (millions of certificates).
Pseudonym Certificate
A short-lived digital certificate used in V2X communication to authenticate messages without revealing the sender's long-term identity. Vehicles rotate through pools of pseudonym certificates to prevent tracking while maintaining accountability. If misbehavior is detected, the credential management system can link pseudonyms back to the offending vehicle and revoke its credentials; in the SCMS this linkage deliberately requires the cooperation of separate authorities, so that no single party can track a vehicle on its own. This balance between privacy and security is a core design principle of V2X security architectures.
UNECE R155
A United Nations regulation (UN Regulation No. 155) that establishes uniform provisions for the approval of vehicles with regard to cybersecurity and cybersecurity management systems. R155 requires the vehicle manufacturer to hold a Certificate of Compliance for its CSMS and to provide evidence of cybersecurity risk management for each vehicle type, including the identified risks, the mitigations applied, and the testing performed to verify them. In the EU it has applied to new vehicle types since July 2022 and to all newly produced vehicles since July 2024; Japan, South Korea, and the other contracting parties that adopted it apply it on their own timelines. The regulation does not mandate ISO/SAE 21434 by name, but the standard is the recognized means of meeting its engineering expectations.
UNECE R156
A companion regulation to R155 that establishes requirements for software update management systems (SUMS). R156 mandates that OEMs implement processes for safely managing software updates throughout the vehicle lifecycle, including OTA updates. It requires documentation of software versions, update validation procedures, and the ability to inform vehicle owners about updates affecting safety or type approval.
Risk Treatment
The process of deciding what to do about a risk once its value is known. ISO/SAE 21434 names four risk treatment options: avoiding the risk (removing the risk source, for example by dropping a feature or an interface), reducing the risk (implementing cybersecurity controls, which is the usual outcome), sharing the risk (with another party through contracts or insurance; often called transferring), and retaining the risk (formally accepting the residual risk, with the rationale recorded and approved). Each decision must be traceable: a reduced risk produces cybersecurity goals and requirements that map to verifiable controls, while a retained or shared risk produces a documented cybersecurity claim justifying why it is acceptable.
SBOM (Software Bill of Materials)
A machine-readable inventory listing all software components, libraries, and dependencies in a product, including version numbers, suppliers, and license information. In automotive, SBOMs are essential for vulnerability monitoring (matching CVEs to installed components), license compliance, and supply chain transparency. ISO/SAE 21434 requires knowledge of software composition for continuous cybersecurity monitoring. Common SBOM formats include SPDX and CycloneDX.
SecOC (Secure Onboard Communication)
An AUTOSAR security module that provides message authentication for in-vehicle communication, primarily over CAN and CAN FD. The sender appends a freshness value (a counter or timestamp, usually truncated) and a truncated Message Authentication Code computed over the data identifier, the payload, and the full freshness value; the receiver reconstructs the freshness value, recomputes the MAC, and discards frames whose MAC does not match. The MAC defeats spoofing and tampering on broadcast buses where any node can send any ID, and the freshness value defeats replay of previously valid frames. Because CAN frames are short, both fields are truncated, so the security margin depends on the truncation lengths and on how many failed verifications an attacker can attempt. SecOC relies on symmetric keys managed through the AUTOSAR Crypto Stack and typically stored in an HSM.
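The sender/receiver exchange described above, as an added example that is not AUTOSAR, ThreatZ, or glossary code. AUTOSAR SecOC normally uses AES-128 CMAC; HMAC-SHA256 from the Python standard library stands in here so the script runs anywhere. The key, data identifier, and truncation lengths are constructed for the demo, and the PDU layout (payload, then truncated freshness, then truncated MAC) is one common SecOC profile.

```python
"""SecOC-style authenticated PDU: build on the sender, verify on the receiver, reject replays.

Added illustration, not AUTOSAR code. HMAC-SHA256 stands in for AES-128 CMAC.
Secured PDU layout used here: authentic payload || truncated freshness value || truncated MAC.
"""
import hashlib
import hmac

KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")  # constructed demo key
DATA_ID = 0x0123          # SecOC data identifier of this PDU (constructed)
FRESHNESS_BYTES = 2       # full freshness counter kept by sender and receiver
TRUNC_FRESH_BYTES = 1     # low-order freshness bytes actually transmitted
TRUNC_MAC_BYTES = 3       # MAC bytes transmitted (a CAN frame leaves little room)


def compute_mac(data_id: int, payload: bytes, freshness: int) -> bytes:
    """MAC over data ID || payload || full freshness value (the SecOC authentication input)."""
    msg = data_id.to_bytes(2, "big") + payload + freshness.to_bytes(FRESHNESS_BYTES, "big")
    return hmac.new(KEY, msg, hashlib.sha256).digest()


def build_secured_pdu(payload: bytes, freshness: int) -> bytes:
    """Sender side: append truncated freshness and truncated MAC to the authentic PDU."""
    mac = compute_mac(DATA_ID, payload, freshness)[:TRUNC_MAC_BYTES]
    trunc_fresh = freshness.to_bytes(FRESHNESS_BYTES, "big")[-TRUNC_FRESH_BYTES:]
    return payload + trunc_fresh + mac


class Receiver:
    """Holds the last accepted full freshness value, as the receiving ECU would."""

    def __init__(self) -> None:
        self.last_freshness = -1

    def verify(self, secured: bytes, payload_len: int) -> tuple:
        payload = secured[:payload_len]
        fresh_off = payload_len
        mac_off = fresh_off + TRUNC_FRESH_BYTES
        trunc_fresh = int.from_bytes(secured[fresh_off:mac_off], "big")
        trunc_mac = secured[mac_off:mac_off + TRUNC_MAC_BYTES]

        # Rebuild the full counter: keep the high-order part of the last accepted value and
        # take the low-order bytes from the wire. If that does not move the counter forward,
        # assume the high-order part rolled over. A replayed PDU therefore yields a counter
        # different from the one the sender used, and its MAC no longer verifies. This only
        # tolerates fewer than 2^(8*TRUNC_FRESH_BYTES) consecutive lost PDUs; beyond that a
        # real SecOC stack resynchronizes the freshness value explicitly.
        shift = 8 * TRUNC_FRESH_BYTES
        high = self.last_freshness >> shift if self.last_freshness >= 0 else 0
        candidate = (high << shift) | trunc_fresh
        if candidate <= self.last_freshness:
            candidate += 1 << shift
        if candidate >= 1 << (8 * FRESHNESS_BYTES):
            return False, "freshness counter exhausted; rekey or resynchronize"

        expected = compute_mac(DATA_ID, payload, candidate)[:TRUNC_MAC_BYTES]
        if not hmac.compare_digest(expected, trunc_mac):
            return False, "MAC mismatch (tampered, replayed, or too many PDUs lost)"
        self.last_freshness = candidate  # advance only after successful verification
        return True, "accepted"
```

Note that the receiver state advances only on a successful verification, so a rejected frame (tampered or replayed) cannot be used to push the counter forward and desynchronize the legitimate sender.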
Secure Boot
A security mechanism that ensures only authenticated and unmodified firmware runs on an ECU by verifying digital signatures during the boot process. The chain of trust starts from an immutable root of trust (typically boot ROM code, with the verification key or its hash in one-time-programmable memory or in the HSM) and verifies each subsequent boot stage before handing control to it. Secure boot prevents attackers from persisting malicious firmware even if they gain temporary write access to flash. It is a fundamental countermeasure for firmware tampering threats identified in TARA.
SOME/IP (Scalable service-Oriented MiddlewarE over IP)
A middleware protocol for automotive Ethernet that enables service-oriented communication between ECUs. SOME/IP supports remote procedure calls (RPC), event notifications, and service discovery (SOME/IP-SD). As a network-exposed protocol running over IP, SOME/IP requires authentication, authorization, and message integrity protection. Fuzzing SOME/IP implementations is a standard cybersecurity verification activity.
SPDX (Software Package Data Exchange)
An ISO/IEC 5962 international standard format for communicating software bill of materials information, including component provenance, licensing, and security references. Originally developed by the Linux Foundation, SPDX is one of the two primary SBOM formats (alongside CycloneDX) recommended by NTIA and used in automotive supply chains. SPDX 3.0 adds support for security profiles and vulnerability information.
STRIDE
A threat classification methodology developed by Microsoft that categorizes threats into six types: Spoofing (falsifying identity), Tampering (modifying data), Repudiation (denying actions), Information Disclosure (exposing data), Denial of Service (disrupting availability), and Elevation of Privilege (gaining unauthorized access). STRIDE is widely adopted in automotive cybersecurity for systematically deriving threat scenarios against vehicle assets during TARA; ISO/SAE 21434 does not prescribe a particular method, and STRIDE is one of the approaches commonly applied in the threat scenario identification step of Clause 15.
TARA (Threat Analysis and Risk Assessment)
The core cybersecurity analysis process defined in ISO/SAE 21434 Clause 15. TARA systematically identifies assets, enumerates threats (using methods such as STRIDE), assesses impact across safety, financial, operational, and privacy dimensions, evaluates attack feasibility, determines risk levels, and defines risk treatment decisions. TARA produces cybersecurity goals and requirements that drive the design of security controls. It must be performed during concept phase and updated throughout development and operations.
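The rating steps described in the Attack Feasibility and TARA entries, worked through in code as an added example (not ThreatZ code and not text from the standard). The parameter values and the mapping from attack potential to feasibility level follow the informative tables in ISO/SAE 21434 Annex G as this editor recalls them; confirm them against your copy of the standard before relying on them. The risk matrix is illustrative, modelled on the Annex H example, and each organization defines its own; the threat scenarios and their ratings are constructed.

```python
"""Attack-potential-based feasibility rating and risk value for TARA threat scenarios.

Added example. Annex G values as recalled by the editor; risk matrix is illustrative.
"""
from dataclasses import dataclass

# Annex G attack potential parameters (value = contribution to the attack potential sum)
ELAPSED_TIME = {"<=1 day": 0, "<=1 week": 1, "<=1 month": 4, "<=6 months": 17, ">6 months": 19}
EXPERTISE = {"layman": 0, "proficient": 3, "expert": 6, "multiple experts": 8}
KNOWLEDGE = {"public": 0, "restricted": 3, "confidential": 7, "strictly confidential": 11}
WINDOW = {"unlimited": 0, "easy": 1, "moderate": 4, "difficult": 10}
EQUIPMENT = {"standard": 0, "specialized": 4, "bespoke": 7, "multiple bespoke": 9}

IMPACT_ORDER = ["negligible", "moderate", "major", "severe"]
FEASIBILITY_ORDER = ["very low", "low", "medium", "high"]
# Illustrative risk matrix: impact -> risk value at (very low, low, medium, high) feasibility
RISK_MATRIX = {
    "severe": [2, 3, 4, 5],
    "major": [1, 2, 3, 4],
    "moderate": [1, 2, 2, 3],
    "negligible": [1, 1, 1, 1],
}


def attack_potential(elapsed: str, expertise: str, knowledge: str, window: str, equipment: str) -> int:
    """Sum the five Annex G parameters for one attack path."""
    return (ELAPSED_TIME[elapsed] + EXPERTISE[expertise] + KNOWLEDGE[knowledge]
            + WINDOW[window] + EQUIPMENT[equipment])


def feasibility_level(potential: int) -> str:
    """Annex G mapping: a lower attack potential means the attack is more feasible."""
    if potential <= 13:
        return "high"
    if potential <= 19:
        return "medium"
    if potential <= 24:
        return "low"
    return "very low"


def overall_impact(safety: str, financial: str, operational: str, privacy: str) -> str:
    """Impact is rated per category (S, F, O, P); the worst rating drives the risk value."""
    return max((safety, financial, operational, privacy), key=IMPACT_ORDER.index)


def risk_value(impact: str, feasibility: str) -> int:
    return RISK_MATRIX[impact][FEASIBILITY_ORDER.index(feasibility)]


@dataclass
class AttackPath:
    elapsed: str
    expertise: str
    knowledge: str
    window: str
    equipment: str


@dataclass
class ThreatScenario:
    name: str
    impact: tuple  # (safety, financial, operational, privacy) ratings
    paths: list

    def assess(self) -> dict:
        """A scenario is as feasible as its most feasible attack path (lowest potential)."""
        potentials = [attack_potential(p.elapsed, p.expertise, p.knowledge, p.window, p.equipment)
                      for p in self.paths]
        best = min(potentials)
        feas = feasibility_level(best)
        impact = overall_impact(*self.impact)
        return {"name": self.name, "attack_potential": best, "feasibility": feas,
                "impact": impact, "risk": risk_value(impact, feas)}


# Constructed scenarios for a brake ECU
SCENARIOS = [
    ThreatScenario(
        "Spoofed brake-request CAN frame injected via the OBD-II port",
        ("severe", "moderate", "major", "negligible"),
        [AttackPath("<=1 week", "proficient", "restricted", "easy", "standard")]),
    ThreatScenario(
        "SecOC key extraction from the brake ECU's HSM",
        ("severe", "major", "major", "negligible"),
        [AttackPath(">6 months", "multiple experts", "strictly confidential",
                    "difficult", "multiple bespoke")]),
]


def assess_all() -> list:
    """Rate every scenario and order by risk value, highest first."""
    return sorted((s.assess() for s in SCENARIOS), key=lambda r: r["risk"], reverse=True)
```

Running `assess_all()` puts the OBD-II injection scenario first (attack potential 8, feasibility high, severe safety impact, risk 5), which is the kind of result that drives a "reduce" treatment decision and a cybersecurity goal such as authenticating brake-request frames; the HSM key extraction path rates very low feasibility and ends up as a candidate for retention with a documented claim.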
TPM (Trusted Platform Module)
A dedicated microcontroller or firmware component designed to provide hardware-based security functions including secure key generation, key storage, platform integrity measurement (PCR registers), and remote attestation. While HSMs are more common in automotive ECUs, TPMs are used in vehicle computing platforms (central gateways, high-performance computers) that run general-purpose operating systems and need measured boot and platform integrity verification.
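The PCR measurement chain mentioned above, modelled as an added example; this is not TPM firmware or a TSS API. A PCR is never written directly, only extended (PCR_new = SHA-256(PCR_old || measurement)), so the final value commits to every stage that ran and to their order, and a verifier holding the event log can recompute it. Remote attestation would additionally have the TPM sign the PCR values with an attestation key, which is omitted here; the stage images are constructed byte strings.

```python
"""Measured boot with a TPM-style PCR (added illustration, not TPM or TSS code)."""
import hashlib

PCR_INITIAL = bytes(32)  # a SHA-256 bank PCR starts at all zeros after reset


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM2_PCR_Extend semantics for a SHA-256 bank: new = H(old || measurement)."""
    return hashlib.sha256(pcr + measurement).digest()


def measure(image: bytes) -> bytes:
    """Hash of a boot stage image, taken by the stage that is about to launch it."""
    return hashlib.sha256(image).digest()


def measured_boot(stages: list) -> tuple:
    """Run the boot chain; return the final PCR value and the event log of measurements."""
    pcr = PCR_INITIAL
    log = []
    for image in stages:
        m = measure(image)
        log.append(m)          # the event log records what was measured, in order
        pcr = extend(pcr, m)   # the PCR accumulates it; it cannot be rewound
    return pcr, log


def replay_log(log: list) -> bytes:
    """Verifier side: recompute the PCR from the event log alone and compare it later."""
    pcr = PCR_INITIAL
    for m in log:
        pcr = extend(pcr, m)
    return pcr


# Constructed golden image set for a vehicle HPC. In practice the OEM computes GOLDEN_PCR
# at build time and the backend compares the attested value against it.
BOOTLOADER = b"bootloader 1.2.0 (constructed)"
KERNEL = b"kernel 6.6-automotive (constructed)"
ROOTFS = b"rootfs 2024.09 (constructed)"
GOLDEN_PCR, GOLDEN_LOG = measured_boot([BOOTLOADER, KERNEL, ROOTFS])


def platform_ok(stages: list) -> bool:
    """Attestation decision: does this boot reproduce the golden PCR?"""
    pcr, _ = measured_boot(stages)
    return pcr == GOLDEN_PCR
```

Unlike secure boot, measured boot does not stop a modified stage from running; it makes the modification visible afterwards, which is why it is paired with a backend that refuses service to a platform whose PCRs do not match.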
Type Approval
The regulatory process by which a vehicle type is certified to meet safety, environmental, and (since R155/R156) cybersecurity requirements before it can be sold in a market. For cybersecurity, type approval requires the OEM to hold a CSMS Certificate of Compliance and to provide evidence of adequate cybersecurity risk management for the specific vehicle type. The approval authority grants the approval; the assessment itself (documentation review and any technical verification) is typically carried out by a designated technical service acting on the authority's behalf.
UDS (Unified Diagnostic Services)
A diagnostic communication protocol defined in ISO 14229 used across the automotive industry for ECU diagnostics, programming, and configuration. UDS services include reading/clearing fault codes, reading data by identifier, routine control, and firmware download. Security-relevant UDS services (programming, configuration) require authenticated access through the SecurityAccess (0x27) seed/key exchange or the certificate-based Authentication service (0x29, introduced in ISO 14229-1:2020). Improperly secured UDS implementations, such as predictable seeds, key algorithms that can be recovered from firmware, or no lockout after failed attempts, are a common attack vector in automotive penetration testing.
V2X (Vehicle-to-Everything)
An umbrella term for vehicle communication technologies including V2V (Vehicle-to-Vehicle), V2I (Vehicle-to-Infrastructure), V2P (Vehicle-to-Pedestrian), and V2N (Vehicle-to-Network). V2X uses either DSRC (IEEE 802.11p, known as ITS-G5 in Europe) or C-V2X (3GPP cellular sidelink) radio technologies to exchange safety messages (SAE J2735 Basic Safety Messages in the US; CAM and DENM in Europe) and traffic information. V2X security relies on a PKI with pseudonym certificates to provide message authentication while preserving driver privacy.
VEX (Vulnerability Exploitability eXchange)
A structured document format that communicates whether a product is affected by a known vulnerability and, if so, what remediation is recommended. VEX reduces false-positive noise in vulnerability management by allowing suppliers to state that a CVE present in a component is “not affected” in their specific product context (e.g., the vulnerable function is not called). In automotive, VEX is exchanged between tier suppliers and OEMs as part of continuous SBOM monitoring.
VLAN (Virtual LAN)
A logical network segmentation technique applied to automotive Ethernet switches that isolates traffic between different functional domains (ADAS, infotainment, diagnostics, body control) at Layer 2. VLANs prevent compromised infotainment systems from directly accessing safety-critical ADAS traffic. Combined with firewall rules at the gateway ECU, VLANs form the foundation of in-vehicle network segmentation for defense-in-depth architectures.
Vulnerability Management
The continuous process of identifying, evaluating, prioritizing, and remediating cybersecurity vulnerabilities in vehicle software and hardware throughout the product lifecycle. ISO/SAE 21434 Clause 8 requires ongoing vulnerability monitoring as part of continuous cybersecurity activities. This involves maintaining SBOMs, monitoring CVE feeds (NVD, vendor advisories), assessing applicability using VEX, prioritizing with CVSS/EPSS scores, and coordinating patches through OTA or service campaigns.
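The SBOM-to-patch pipeline that the SBOM, VEX, and Vulnerability Management entries describe, as one added example that is not ThreatZ code. The SBOM and VEX documents are constructed inline and follow the CycloneDX JSON layout (components[].purl; vulnerabilities[].analysis.state with affects[].ref, where the bom-ref is assumed to be the purl). The advisory table stands in for NVD and EPSS lookups, its CVE identifiers and scores are made up for the demo, and the priority thresholds are this editor's illustrative policy.

```python
"""SBOM-driven vulnerability triage: match components to advisories, apply VEX, prioritize.

Added example; all documents and scores below are constructed.
"""
import json

SBOM_JSON = """{
  "bomFormat": "CycloneDX", "specVersion": "1.5",
  "components": [
    {"type": "library", "name": "openssl", "version": "1.1.1k", "purl": "pkg:generic/openssl@1.1.1k"},
    {"type": "library", "name": "zlib", "version": "1.2.11", "purl": "pkg:generic/zlib@1.2.11"},
    {"type": "library", "name": "busybox", "version": "1.33.0", "purl": "pkg:generic/busybox@1.33.0"}
  ]
}"""

VEX_JSON = """{
  "bomFormat": "CycloneDX", "specVersion": "1.5",
  "vulnerabilities": [
    {"id": "CVE-0000-0002",
     "analysis": {"state": "not_affected", "justification": "code_not_reachable",
                  "detail": "inflate() path compiled out of the telematics build"},
     "affects": [{"ref": "pkg:generic/zlib@1.2.11"}]}
  ]
}"""

# Constructed advisory feed: purl -> advisories with CVSS base score and EPSS probability
ADVISORIES = {
    "pkg:generic/openssl@1.1.1k": [{"id": "CVE-0000-0001", "cvss": 9.8, "epss": 0.93}],
    "pkg:generic/zlib@1.2.11": [{"id": "CVE-0000-0002", "cvss": 7.5, "epss": 0.02}],
    "pkg:generic/busybox@1.33.0": [{"id": "CVE-0000-0003", "cvss": 5.3, "epss": 0.01},
                                   {"id": "CVE-0000-0004", "cvss": 7.2, "epss": 0.40}],
}

# CycloneDX analysis states that mean "no action needed for this product"
VEX_CLOSED_STATES = {"not_affected", "resolved", "resolved_with_pedigree", "false_positive"}


def match_components(sbom_json: str, advisories: dict) -> list:
    """Join every SBOM component with the advisories known for its purl."""
    sbom = json.loads(sbom_json)
    findings = []
    for comp in sbom.get("components", []):
        for adv in advisories.get(comp.get("purl", ""), []):
            findings.append({"component": f"{comp['name']}@{comp['version']}",
                             "purl": comp["purl"], **adv})
    return findings


def load_vex(vex_json: str) -> dict:
    """Map (cve, purl) -> analysis block from a CycloneDX VEX document."""
    vex = json.loads(vex_json)
    statements = {}
    for vuln in vex.get("vulnerabilities", []):
        for target in vuln.get("affects", []):
            statements[(vuln["id"], target["ref"])] = vuln.get("analysis", {})
    return statements


def priority(cvss: float, epss: float) -> str:
    """Illustrative policy: exploitation likelihood first, then severity."""
    if epss >= 0.10 or cvss >= 9.0:
        return "patch now"
    if cvss >= 7.0:
        return "schedule"
    return "monitor"


def triage(sbom_json: str, vex_json: str, advisories: dict) -> dict:
    """Return actionable findings ordered by urgency, plus those a VEX statement closed."""
    statements = load_vex(vex_json)
    actionable, suppressed = [], []
    for f in match_components(sbom_json, advisories):
        analysis = statements.get((f["id"], f["purl"]))
        if analysis and analysis.get("state") in VEX_CLOSED_STATES:
            suppressed.append({**f, "vex_state": analysis["state"],
                               "justification": analysis.get("justification")})
            continue
        actionable.append({**f, "priority": priority(f["cvss"], f["epss"])})
    actionable.sort(key=lambda f: (f["epss"], f["cvss"]), reverse=True)
    return {"actionable": actionable, "suppressed": suppressed}
```

The VEX statement is matched on both the CVE and the component it names, so a supplier's "not affected" for zlib in one product cannot silently suppress the same CVE in a different component or build; suppressed findings are kept, not dropped, because an auditor will ask for the justification.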
WP.29 (World Forum for Harmonization of Vehicle Regulations)
The United Nations Economic Commission for Europe (UNECE) working party responsible for developing global vehicle regulations. WP.29 established the task force that produced UNECE R155 (cybersecurity) and R156 (software updates). Its regulations are adopted by the EU, Japan, South Korea, Australia, and other UNECE 1958 Agreement contracting parties. WP.29 continues to evolve cybersecurity requirements in response to emerging threats and technology developments.