ISO/SAE 21434#

The standard ISO/SAE 21434 has several clauses. All work products and requirements are defined as references below, if those are relevant for the S-CORE project.

Irrelevant clauses for S-CORE process requirements and work products compliance are:

“Clause 1-4:” - as it contains no requirements and work products

“Clause 7: Distributed cybersecurity activities” - as the project is organized as open source project

“Clause 9: Concept” - as this is in responsibility of system integrator

“Clause 11: Cybersecurity validation” - as this is in responsibility of system integrator

“Clause 12: Production” - as this is in responsibility of system integrator

“Clause 14: End of cybersecurity support and decommissioning” - as this is in responsibility of system integrator

“Annex A-H:” - as it contains no requirements and work products

Relevant clauses are:

Clause 5: Organizational cybersecurity management#

Clause 6: Project dependent cybersecurity management#

Clause 8: Continual cybersecurity activities#

Clause 10: Product development#

Clause 13: Operations and maintenance#

Clause 15: Threat analysis and risk assessment methods#

Note

Titles of the ISO/SAE 21434 standard clauses are from official ISO website (search for “21434”).

Requirements and work products numbering as above is derived by the sequence as those are defined in the standard document. All work products of the relevant clauses are included in the list to enable the documentation of the project wide tailoring, but the related requirements are not included as these are not needed to be covered.

A mapping table to ISO 21434 numbering can be provided by S-CORE project on request for every holder of a ISO/SAE 21434 standard license.