Getting Started
Getting Started on Change Management
status: valid
This document and its subchapters outline the required steps to ensure that the project complies with the ISO SAE 21434 security standard. Begin with this document to understand the project's security-related processes and procedures. All other subprocesses are linked here and in the subchapters.
General Workflow
One goal of the security management process is to ensure that the project follows the defined processes and that evidence of security can be shown according to the requirements. The Security Management process follows a continuous approach. All these workflows are defined in the Security Management Workflows section.
The following workflows shall be executed continuously:

* Create/Maintain Security Plan
* Create/Maintain Security Package
* Create/Maintain Security Manual
* Create/Maintain SBOM
* Monitor/Verify Security
In addition to the continuous workflows, the following workflows shall be executed according to the project needs:

* Perform Security Audit (to be discussed, currently not in scope)
* Perform Formal Reviews
Some of the work products are currently either tailored out or not in scope of this project (due to Out-of-Context development). Refer to the Tailoring Document Work Pro... (wp__tailoring_work_products) section for details about tailoring.
Note
The term security is used here synonymously with the term cybersecurity as defined in ISO SAE 21434.