Blog Archives - AUTOCRYPT

3 September, 2025 . 8 mins read

Evolution of AI in Automotive Safety

In recent years, headlines showcasing how AI technology is being incorporated into automotive software solutions have become increasingly common. The establishment of dedicated AI facilities (e.g. Izmo’s Automotive AI Factory, Qualcomm’s AI R&D Center) and collaborative initiatives regarding Automated Driving Assistance System (ADAS) development (e.g Bosch & Cariad, GM & NVIDA) are just a few examples of how the automotive sector is rapidly embedding AI across the vehicle lifecycle.

When it comes to automotive safety software, AI adoption has advanced along two simultaneous fronts. In one dimension, AI is positioned as a Safety Enabler, actively embedded in tools and solutions to strengthen resilience, detect risks and improve the reliability of vehicle platforms. From another perspective, AI is treated as a Safety-Critical Element, subject to rigorous standards and certifications to ensure that its deployment is trustworthy, robust and auditable.

This blog aims to explore these two complementary perspectives on AI in automotive safety — one driven by industry innovation and the other shaped by regulatory and standards-based assurance. Together, they illustrate how AI has evolved from a promising technology to a core component of both engineering practice and compliance frameworks.

AI as a Safety Enabler

Across both the development and operational stages, OEMs, Tier1 suppliers and cybersecurity firms are applying AI to augment safety functions — strengthening resilience through proactive risk detection, automated testing and system-wide awareness.

I. Development Stage

In the development stage, AI is increasingly used to validate safety-critical components by automating test generation and expanding scenario coverage.

Fault Injection and Vulnerability Testing

Traditional fuzzing relies on random or manually crafted test inputs, which can miss subtle flaws. AI-enabled fuzzing, by contrast, generates protocol-specific, context-aware test cases at scale, uncovering vulnerabilities more quickly and systematically. A representative example is the AutoCrypt CSTP Security Fuzzer Solution which leverages AI-generated inputs to probe in-vehicle communication protocols and expose weaknesses in ECUs, braking controllers and telematic units with greater depth and coverage.

Scenario Generation & Simulation

Another area where AI enhances safety is in the generation of synthetic, edge-case scenarios that supplement baseline test datasets. Addressing a key challenge of ADAS and AV validation surrounding reflection for rare, safety-critical scenarios, AI allows engineers to proactively evaluate system safety under unusual conditions. The Gatik Arena platform illustrates this approach, employing techniques such as NeRFs, 3D Gaussian splatting and diffusion models to create synthetic scenarios, which are then fed into a modular simulation engine for end-to-end validation.

System-Level AI Safety Architecture

Beyond individual tools, AI is also embedded into holistic safety frameworks that span the entire lifecycle of software-defined vehicles. These frameworks account for the multi-dimensional nature of automotive software, monitoring and validating AI performance from training to deployment. The NVIDIA AI Systems Inspection Lab highlights this application, offering a safety framework that integrates cloud-based training oversight, model inspection and in-vehicle runtime validation to ensure system-wide assurance.

II. Operational Stage

AI also plays a crucial role in maintaining and extending safety during vehicle operation, both at the individual and fleet level.

Sensor-Aided Risk Detection

Leveraging multi-modal data fusion, AI enables vehicles to analyze real-time inputs from tires, cameras, radar and LiDAR to identify conditions that could compromise safety. The collaboration between AEye and Blue–Band illustrates this approach: by combining AEye’s OPTIS™ autonomous system and Apollo long-range LiDAR with Blue–Band’s AI orchestration platform, the solution delivers real-time insights for traffic monitoring, incident detection, and adaptive road safety management.

Fail-Safe & Safety Redundancy Systems

Overcoming the limitations of traditional automotive systems which often fail to account for systemic decision-making errors, AI continuously interprets both the driving environment and system health to determine when fallback responses are necessary. The patent for Guident’s Remote Monitoring and Control Center (RMCC) represents this scenario: it’s AI-driven fusion system processes sensor data from multiple autonomous vehicles and can assume remote control when risk levels exceed predefined safety limits.

Distributed Sensor Fusion & Fleet-Level Threat Analysis

Reflecting the fact that safety hazards regarding environmental disruptions affect entire fleets, AI enables fleet-level data aggregation and threat analysis, transforming distributed sensor inputs into system-wide safety insights. NIRA Dynamic’s partnership with BANF demonstrates this with the integration of triaxial tire sensor data into fleet management systems, enabling large-scale hazard detection and broadcast-level warnings to improve fleet safety.

AI as a Safety-Critical Element

While AI enables safer and more resilient automotive systems, it is also recognized as a safety-critical element requiring rigorous evaluation to ensure trustworthiness. This perspective is reflected in a series of international standards: ISO 26262: 2018, ISO 21448: 2022 and ISO/PAS 8800: 2024.

I. ISO 26262: 2018 (Functional Safety)

The ISO 26262 standard focuses on addressing hardware and software faults inside road vehicles that can lead to hazardous behavior. While it does not directly reference AI or ML, AI modules are implicitly covered as safety-related component that may fail due to defects in software implementation, hardware execution, or system integration.

The first connection appears in the definition of a “safety-related item” under Part 3. System & Item Definition. Any component which failure could lead to a hazard qualifies, and thus AI modules can be treated as such. Similarly, Part 3. System & Item Definition and Part 4. Hazard Analysis & Risk Assessment (HARA) define “hazards” as malfunctions requiring assignment of an Automotive Safety Integrity Level (ASIL). Under this framework, AI failures such as object misclassification or a neural network crash can be classified and addressed as safety hazards.

The standard also indirectly applies to AI within software and hardware development. For example, Part 5. Hardware Development requires diagnostic coverage and safety mechanisms for critical hardware faults. This extends to SoCs or accelerators running AI inference (e.g. GPUs, NPUs), which must be safeguarded to prevent silent failures that could compromise AI workflows.

While ISO 26262 provides a baseline framework for addressing AI malfunction scenarios, it falls short in covering the non-deterministic behavior of AI systems. These gaps have prompted the development of complementary standards — ISO 21448, ISO/PAS 8800 — to more fully address AI-related safety risks.

II. ISO 21448: 2022 (Safety of the intended functionality, SOTIF)

Whereas ISO 26262 focuses on risks from system malfunctions, ISO 21448 addresses situations where the system behaves as designed but still poses safety risks under certain conditions. As with ISO 26262, terms explicitly referencing AI or machine learning are absent. Nevertheless, the standard is widely recognized as highly relevant to AI-driven systems, which are especially sensitive to incomplete data, edge cases and unknown scenarios.

One key concept appears in Clause 11. Hazardous Scenarios, which introduces the distinction between “known hazards” (anticipated cases) and “unknown hazards” (unanticipated conditions). The latter is particularly relevant to AI, as machine learning models are prone to failure when exposed to out-of-distribution inputs. The standard emphasizes the need to achieve acceptable residual risk even in such unknown conditions.

Expanding beyond definitions, Clause 9. Verification and Validation stresses the importance of robust validations strategies that go beyond normal operating conditions. This is especially critical for AI/ML systems, as traditional deterministic testing methods cannot guarantee complete coverage of rare, long-tail scenarios.

By incorporating concepts of non-deterministic behavior and unquantifiable risks, ISO 21448 plays a crucial role in framing AI-related safety challenges in automotive systems. It highlights how limitations in AI perception and decision–making can result in unsafe outcomes. However, with methodologies for residual risk evaluation still relying on conventional statistical methods, there remain limitations in guaranteeing coverage for rare or unforeseen inputs.

III. ISO/PAS 8800: 2024 (Safety and artificial intelligence)

Building on the foundations of ISO 26262 and ISO 21448, ISO/PAS 8800 provides the first global assessment framework dedicated to systematically evaluating AI systems in road vehicles. The document explicitly states its intent to extend and adapt the principles of functional safety (ISO 26262) and SOTIF (ISO 21448) to AI and machine learning elements.

ISO/PAS 8800 raises AI-specific safety concerns directly, linking identified hazards to clear safety requirements and goals. It details procedures covering the entire lifecycle of AI systems including dataset quality management, model development and safe deployment practices. In addition, the standard also places emphasis on runtime monitoring and post-deployment governance, ensuring continuous oversight of AI performance.

Through this framework, ISO/PAS 8800 ensures that AI safety measures are embedded from the earliest stages of system design through post-deployment operation, closing gaps left by prior standards and providing a structured foundation for AI assurance in automotive systems.

Future Progress of AI in Automotive Safety

As illustrated in the previous sections, the automotive safety industry has approached AI from two contrasting angles: as a defense mechanism to strengthen safety levels, and as a potential risk factor requiring strict evaluation. Nevertheless, both perspectives converge on the same overarching goal — leveraging AI to improve resilience of automotive systems against internal flaws (i.e. software errors, model weakness) and external risks (i.e. environmental hazards, cyber threats).

Looking ahead, the progress of AI in vehicle systems will center on two parallel developments: advancing innovation in AI-driven safety tools and establishing rigorous compliance and certification frameworks. As this dual evolution unfolds, AUTOCRYPT is committed to playing a leading role in not only providing solutions that integrate AI to enhance safety and resilience but also by staying closely aligned with the evolving regulatory landscape that governs the safe deployment of AI-embedded vehicle systems.

Learn more about our products and solutions at https://autocrypt.io/all-products-and-offerings/.

14 August, 2025 . 6 mins read

An Integrated Approach to Automated Driving System (ADS) Validation

As we enter an era increasingly populated by highly autonomous vehicles, there is a vast range of dynamic driving scenarios that Automated Driving Systems (ADS) may encounter. From hazardous environmental conditions to internal system failures and external cybersecurity risks, ensuring ADS safety across diverse operating situations is essential for enabling safe autonomous driving experiences.

The recent release of “ISO 34505: 2025” underscores this need by providing a structured framework for generating, evaluating and managing test scenarios that reflect real world driving conditions. By standardizing how test scenarios should be defined and tested, the initiative aims to enable consistent, repeatable validation practices across the industry and thereby support development of robust ADS provision.

As autonomous systems grow more complex, the need for robust, scalable validation practices become increasingly critical. In response, an integrated approach — combining regulatory audits, system-level testing and adversarial simulations — provides OEMs and Tier 1 suppliers a structured path for both vehicle safety and regulatory compliance. Focusing on cybersecurity, this blog outlines the key components and methodologies of ADS Validation, and demonstrates how an integrated approach can be effectively executed.

Automated Driving System (ADS) Validation: Approach & Methodology

According to “SAE J3016: 2021”, Autonomous Driving System (ADS) refer to the collective technology stack responsible for performing dynamic driving tasks (DDT) at SAE Level 3 and above. With the system taking full responsibility for autonomous decision-making and vehicle control, validating ADS safety calls for identifying diverse validation targets and a multidisciplinary process for executing them.

I. Approach

The UNECE WP.29 Working Group emphasizes ADS Validation should be approached from multiple angles, including audit and assessment, simulation and virtual testing, real-world testing and more. Drawing on key industry whitepapers (e.g. The Autonomous Working Group, Association for Standardization of Automation and Measuring Systems, Mercedes-Benz), validation efforts can be broadly categorized into three core pillars: functional performance, internal system reliability and external cybersecurity resilience.

The first pillar, Functional Performance, focuses on ensuring the embedded vehicle system behaves as expected across a full range of driving conditions — particularly under abnormal scenarios such as complex environments or sensor limitations. In alignment with the “ISO 34505: 2025” standard, which outlines scenario-based ADS testing, this pillar evaluates system capabilities in perception, decision making and control execution under realistic conditions.

The second pillar, Internal System Reliability, addresses resilience against system-level faults. This includes the inspection of fault detection mechanisms, hardware failure mitigation strategies, and adherence with Automotive Safety Integrity Level (ASIL) grades. Relevant to the “ISO 26262: 2018” standard defining the framework around electrical/electronic (E/E) system failures, this pillar assesses the system’s ability to maintain safety in the presence of internal malfunctions.

The third factor, External Cybersecurity Resilience, evaluates the system’s tolerance against external cybersecurity threats. Verification over secure communication and data integrity under potential attacks such as vehicle hacking, spoofing and denial-of-service (DoS)) is a key objective of this pillar. Associated with the “ISO/SAE 21434: 2021” standard illustrating cybersecurity risk management for vehicle E/E systems across the lifecycle, this phase assesses the system’s ability to proactively mitigate attack vectors targeting sensors, ECUs and OTA updates.

II. Techniques

While various techniques exist to evaluate functional performance, system reliability and external attack resilience, this blog focuses on three core cybersecurity validation methods — Compliance Auditing, Software-in-the-Loop (SiL) Module Testing, Hardware-in-the-Loop (HiL) Penetration Testing — to better illustrate the differences across diverse validation approaches.

The first technique, Compliance Auditing, focuses on verifying whether development practices and system architectures align with established safety and cybersecurity regulations (e.g. ISO/SAE 21434, UN R155). This method is widely used by OEMs and Tier 1 suppliers to conduct gap analyses during early-development stages or in preparation for CSMS Certification audits, to check whether internal processes conform to regulatory requirements.

AutoCrypt CSTP Compliance serves as a representative tool to accommodate these needs by validating vehicle vulnerabilities on a unified platform. It supports multiple testing domains including Security Validation, Functional Testing, Penetration Testing, Fuzz Testing and Vulnerability Testing and consolidates results into a comprehensive report suitable for regulatory submission. By combining testing execution and documentation, it reduces redundant tasks and streamlines the compliance process.

Another key validation technique is Software-in-the-Loop (SiL) Module Testing, which assesses robustness of embedded security components in virtualized test environments before hardware integration. Commonly applied to TEE (Trusted Execution Environment) based key management testing and V2X certificate handling simulation, this technique enables rapid iteration and early validation of security logic in controlled conditions, before advancing to high-cost hardware testing.

In accordance with these needs, the AutoCrypt CSTP Functional Tester validates hardware-dependent security functions using virtual ECU models in a Software-in-the-Loop (SiL) environment. By integrating communication interfaces, debugging tools, ECU source code and test code, this solution facilitates early detection of design flaws and integration issues well before mass production.

Another core testing approach is Hardware-in-the-Loop (HiL) Penetration Testing, which evaluates cybersecurity resilience of physical ECUs by simulating real-world attack vectors in controlled HiL testing environments. Often applied for in-vehicle network fuzz testing and Telematics Control Units (TCUs) penetration testing, this technique identifies system vulnerabilities under actual runtime configurations, moving beyond theoretical scenarios.

Serving this purpose, the AutoCrypt CSTP Fuzzer solution actively injects malformed, unexpected inputs into in-vehicle networks to test ECU-level resistance to cyber intrusions. Covering a broad spectrum of communication layers including the Network Layer (e.g. CAN, CAN-FD, Automotive Ethernet), Application Layer (e.g. UDSonCAN, UDSonCAN-FD) and Transport/Data Layer (e.g. VehicleCAN, VehicleCAN-FD), the tool enables precise testing of vehicle systems under a wide range of adversarial conditions.

Effective ADS Validation through an Integrated Approach

With a wide range of checkpoints to address and multiple techniques available, establishing a cohesive and effective strategy for ADS validation is essential. To meet this need, a structured progression — from Compliance Auditing to Software-in-the loop Testing and finally to Penetration Testing — offers a practical pathway for comprehensive and efficient ADS validation.

At the first stage, Compliance Auditing defines the baseline and sets the strategic direction through regulatory compliance and process control.
Next, software design implementation and testing activities are supported through Software-in-the-Loop (SiL) Module Testing, which enables validation before hardware integration.
Lastly, Hardware-in-the-Loop (HiL) Penetration Testing technique can be utilized to observe real-world cybersecurity readiness under adversarial conditions.

This layered approach demonstrates how each phase builds upon and reinforces the next, enabling a robust and scalable validation framework.

With AUTOCRYPT being an authorized Vehicle Type Approval (VTA) Technical Service (TS) Provider , the firm is uniquely positioned to integrate diverse testing techniques and facilitate comprehensive ADS validation through the AutoCrypt CSTP Platform. From the AutoCrypt CSTP Compliance, which ensures design-level safety, to the AutoCrypt CTSP Functional Tester, which verifies correct functional behavior and the AutoCrypt CSTP Fuzzer able to test attack resilience, the platform enables a unified security analysis by consolidating all validation layers into a single, integrated platform.

Supporting a streamlined process for Vehicle Type Approval from ADS validation to export of results into compliance documents (e.g. TARA Report, Cybersecurity Test Report), the whole approval process can be effectively managed.

To learn more about the Autocrypt CSTP platform, check this page. For more information about our comprehensive suite of our automotive products & offerings, check this page.

10 July, 2025 . 8 mins read

The State of Autonomous Driving in 2025

Building on our previous post examining the industry’s transition from SAE Level 2 to Level 3 autonomy, this article revisits the topic in light of regulatory and commercial developments around autonomous driving. Our earlier analysis found that the slow progession toward Level 3 autonomy has been driven more by regulatory uncertainty than by technological limitations. Due to ongoing legal bottlenecks, we observed that OEMs introduced Level 2+ systems but remain hesitant to classify them as Level 3, primarily because of unresolved concerns around legal responsibility and risk management.

Since then, the regulatory and commercial landscape for autonomous driving has continued to evolve. This article highlights how recent policy shifts have accelerated Level 3+ deployment and testing efforts, while also examining the growing importance of open-source software in enabling software-defined vehicle (SDV) development. As SDVs grow more complex — both technically and in terms of regulatory oversight — it has become essential for OEMs and Tier 1 suppliers to stay aligned with ongoing developments and adapt their cybersecurity practices accordingly.

Bridging Regulation and Deployment in Autonomous Driving

As commercial interest in Level 3+ autonomy grows, regulatory developments have played a pivotal role in shaping a more stable legal environment for innovation. Both globally and regionally, recent updates have provided clearer guidelines for deployment, liability, and compliance. Among the most impactful are the ongoing amendment series to UNECE Regulation No. 157 on Automated Lane Keeping Systems (ALKS) and the introduction of UNECE Regulation No. 171 on Driver Control Assistance Systems (DCAS).

Global Regulatory Progress in Autonomous Driving

The UNECE Regulation No.157 on Automated Lane Keeping Systems (ALKS) was first adopted by the World Forum for Harmonization of Vehicle Regulations (WP.29) in January 2021 to govern SAE Level 3 conditional automation. Since enforcement began in January 2023, successive amendments introduced from 2022 onward have significantly clarified the operational behavior, system safety, and failsafe protocols required for real-world applications.

WP.29/2022/59/Rev.1 Amendment: Speed limit raised from 60km/h to 130km/h, Automated lane changes allowed

WP.29/2024/145 Supplement: Ensure ALKS system resilience in electromagnetic environments

WP.29/2025/64 Supplement: Clearer rules for lane-change behavior and heavy vehicle restrictions

In parallel with ALKS, UNECE Regulation No.171 on Driver Control Assistance Systems (DCAS) established safety requirements for SAE Level 2 driver assistance features, including lane keeping and traffic jam assist. The regulation emphasizes stricter standards for driver engagement, monitoring systems and interface transparency. Together, these two frameworks — covering foundational technologies like ALKS and DCAS — have strengthened the regulatory pathway towards higher levels of autonomy by mandating provisions for cybersecurity, performance validation and over-the-air (OTA) updates.

Regional Regulatory Advances around Autonomous Vehicles

At the regional level, China and Germany have taken leading roles in building regulatory frameworks for autonomous vehicles, while the United States and South Korea have also made notable progress in deployment and certification efforts.

China introduced a clear commercialization pathway for OEMs targeting Level 2-4 autonomy through its national pilot program, announced in November 2023. By focusing on seamless integration between vehicles, infrastructure and cloud platforms — leveraging technologies such as Cellular Vehicle-to-Everything (C‑V2X), edge computing, and signal systems — the initiative has ensured pilot zone vehicles are equipped for safe and standardized evaluation.

Through this initiative, Chinese OEMs have made significant progress, launching their own branded ADAS platforms — DiPilot (BYD) and G-Pilot (Zeekr) — in early 2025. BYD became the first Chinese automaker to obtain a conditional Level 3 testing license in July 2023 and has since introduced Level 4 autonomous parking capabilities through its DiPilot ADAS platform. By June 2025, nine manufacturers, including Nio, Changan Automobile, and GAC, had completed preparations for public road testing of Level 3-capable vehicles.

Germany has also emerged as a regulatory leader, particularly through the Autonomous Vehicles Approval and Operation Ordinance (AFGBV) which governs the approval, registration and operation of SAE Level 4 autonomous vehicles. While the ordinance was adopted in May 2022 and came into effect in July 2022, detailed implementation guidelines published in 2024 clarified practical procedures for public transportation authorities. These documents have provided essential guidance to municipalities, transit operators and OEMs, helping shape a consistent framework for the long-term deployment of autonomous fleets.

Guideline for Operational Area Approval: Framework for municipalities and OEMs to define, assess, authorize public road areas for autonomous vehicle operation
Handbook with Implementation Proposals for Municipal Practice: Offers integration guidance for public transport operators
Strategy for Autonomous Driving in Road Traffic: Outlines Germany’s national roadmap for autonomous vehicle (AV) deployment across mobility and infrastructure sectors

These regulatory advances have enabled OEMs such as BMW and Mercedes-Benz to integrate automation software into their vehicle portfolios. In June 2024, BMW introduced both Level 2 (‘BMW Highway Assistant’) and Level 3 (‘BMW Personal Pilot’) systems in its 7 Series lineup, offering highway automation and conditional driver delegation capabilities. In December 2024, Mercedes-Benz received approval to increase the operating speed of its DRIVE PILOT system to 95km/h and became the first automaker in Germany authorized to use special marker lights indicating automated driving mode.

Beyond China and Germany, regulatory clarity has expanded in other key regions. In South Korea, a March 2025 update to the enforcement decree of the Act on the Promotion and Support for the Commercialisation of Autonomous Vehicles enabled performance certification and approval of Level 4 autonomous vehicles, including those lacking pre-established safety standards. Similarly, the United States broadened Federal Motor Vehicle Safety Standards (FMVSS) exemptions under Part 555 in June 2025, allowing developers to deploy safety-validated autonomous vehicles that do not meet conventional design requirements.

These national and international efforts collectively signal a growing global alignment in regulatory strategy and commercial deployment readiness. Structured permit systems and clearly defined liability frameworks have provided OEMs with the flexibility to develop, certify, and scale Level 3+ autonomous vehicles — a momentum that is likely to accelerate further in the coming years.

Open-Source SDV: Software-Driven Collaboration

As the path to commercial autonomy becomes clearer, attention is increasingly turning to the software foundations that enable it to scale — particularly open-source software defined vehicle (SDV) projects. This shift is being shaped by the growing convergence of autonomous vehicles (AVs) and SDVs, where AVs increasingly rely on SDV architecture for modularity, real-time updates, and system integration. Open-source platforms are emerging as critical enablers of this transition by supporting scalable and collaborative development.

SDV platforms provide the technical backbone for scalable autonomy by enabling modular design, continuous over-the-air (OTA) updates, and real-time system integration. These capabilities, when delivered through accessible and interoperable open-source solutions, help overcome the fragmentation and integration challenges that often hinder large-scale AV deployment.

A key example of this trend is the S-CORE Project, announced in June 2025. Backed by key industry players like Bosch, QNX and Mercedes-Benz, the initiative aims to build the first open-source core stack for SDVs. The core stack is designed to standardize the middleware layer between the operating system and higher-level vehicle applications, with an emphasis on functional safety. Aligned with global regulatory standards such as ISO 26262 (functional safety), ISO/SAE 21434 (cybersecurity), and UN Regulation No. 156 (OTA Updates), the framework is OEM-agnostic and modular by design — supporting deployment across a wide range of vehicle platforms.

While it builds on a growing legacy of open-source automotive projects such as Autoware — of which AUTOCRYPT is a participating member focused on addressing security risks in real-world vehicle software — the S-CORE Project represents a meaningful shift. It moves focus from application-specific tools (e.g., AV stacks, ADAS platforms) toward foundational, certifiable infrastructure designed to support mass production of SDVs. Positioned as a “core runtime environment” for software-defined vehicles, S-CORE aims to bridge the gap between low-level system layers and OEM-specific applications, creating more room for OEMs and Tier 1 suppliers to collaborate on shared infrastructure.

Further open-source projects around software-defined vehicles are expected to emerge in the future due to economic and strategic industry alignment. With the complexity of software-defined vehicles (SDVs) increasing, it has become less viable for individual OEMs and/or suppliers to build and maintain fully proprietary software stacks. Open-source core frameworks like the S-CORE project aim to address this challenge by providing a standardized, resuable foundation which could allow companies to redirect resources toward value-added differentiation (UX, apps, mobility features).

Alignment with global regulatory standards has further elevated the role of open-source software. Standards such as UNECE R156 and R157, ISO 24089, ISO/SAE 21434 emphasize the need for secure, traceable, updateable vehicle software, better done transparently through building on open-source environments. In short, open-source projects offer a flexible and accountable framework, helping stakeholders align with evolving requirements more efficiently.

Future Implications

Regulatory and commercial developments across Levels 2 to 4 autonomy continue to mature, creating new opportunities for OEMs and Tier 1 suppliers, while steadily enhancing the autonomous driving experience for end users. This transformation is no longer confined to national borders, as open-source initiatives gain traction, driven by economic and regulatory imperatives.

As autonomous driving environments expand, so do the associated attack surfaces — from internal vehicle systems to connected external infrastructure. This underscores the growing need for continuous cybersecurity validation, including threat modeling, real-time risk monitoring and regulatory gap analysis. Positioned at the intersection of software-defined vehicle (SDV) innovation and autonomous vehicle (AV) safety, Autocrypt remains committed to supporting OEMs and Tier 1 suppliers in scaling innovation without compromising cybersecurity.

To learn more about the Autocrypt’s products and offerings, click here. Read our blog or subscribe to AUTOCRYPT’s newsletters for more technology insights.

27 June, 2025 . 5 mins read

Relationship between UN R155, UN R156 and ISO/SAE 21434, ISO 24089

As autonomous, connected vehicles evolve, so do risks associated with cybersecurity and software update management. Maintaining public safety being a top regulatory priority, certain regions like the European Union have introduced stringent compliance requirements for vehicle manufacturers and suppliers. Most notably, the UNECE Regulation No. 155 and UNECE Regulation No. 156 now mandate that automotive stakeholders demonstrate their ability to manage cyber risks and ensure secure software update processes.

To meet these legally binding requirements, industry players increasingly turn to internationally recognized standards such as ISO/SAE 21434 and ISO 24089 that delineate technical implementation measures. This blog post explores how ISO standards help translate UNECE requirements into actionable steps – focusing on the relationship between UN R155, UN R156 and technical standards, ISO/SAE 21434 and ISO 24089.

UN R155, UN R156 Regulation

As the name denotes, the UN R155, UN R156 “regulations” are legally binding requirements developed by UNECE WP.29, defining what must be done for vehicle type approval for passenger cars (M category), commercial vehicles (N category) and certain trailers (O category).

The foundational requirements for UN R155 and UN R156 differ based on their primary objectives. Under UN R155, vehicles with networked electronic components are required to establish a Cybersecurity Management System (CSMS), an organizational-level risk-management framework designed to maintain vehicle cybersecurity throughout the lifecycle. In contrast, UN R156 mandates the implementation of Software Update Management System (SUMS) for vehicles capable of receiving software updates, ensuring updates are secure, traceable and properly managed.

While these regulations give guidance on what to do, how to execute the guidelines is not provided, which is where technical standards like ISO/SAE 21434 and ISO 24089 come into play as implementation blueprints.

ISO/SAE 21434, ISO 24089 Standard

Unlike “regulations,” ISO/SAE 21434 and ISO 24089 are voluntary “standards” developed by ISO and SAE working groups. While not legally binding, they are widely adopted as technical frameworks to demonstrate compliance with UNECE requirements.

ISO/SAE 21434 focuses on managing cybersecurity risks across the vehicle lifecycle, detailing methods for identifying, evaluating and mitigating threats. Aligned with UN R155 which mandates the establishment of a Cybersecurity Management System (CSMS), the standard outlines core system capabilities, including governance, resource management and organizational responsibility. While the UN R155 regulation defines what must be established for vehicle cybersecurity, the ISO/SAE 21434 standard provides the framework for how to implement it.

Similarly, the ISO 24089 standard centers on the secure management of software updates, ensuring both functional performance and cybersecurity integrity are maintained. Following the mandate of UN R156 to establish a Software Update Management System (SUMS), the standard illustrates methods for software configuration tracking, secure update delivery, and validated installation procedures. Parallel to the relationship between UN R155 and ISO 21434, the UN R156 regulation defines what components are required for secure software updates, while the ISO 24089 standard outlines how to structure it.

Mapping ISO Standards to Cybersecurity and Software Update Requirements

Although ISO/SAE 21434 and ISO 24089 were not legally derived from UN R155 and UN R156, they share a common foundation. Both the standards and regulations emerged from the same regulatory push to mitigate cybersecurity threats associated with increasingly software-driven vehicles, which explains their current alignment. However, due to natural overlaps between cybersecurity and software update management, it would be an oversimplification to claim that ISO/SAE 21434 solely supports UN R155, or vice-versa.

ISO/SAE 21434 Support for UN R156

While ISO/SAE 21434 is not specifically a software update standard, it addresses cybersecurity considerations that arise in software update processes, particularly where secure deployment and threat mitigation intersect. This can be observed in ‘Clause 13. Operations and maintenance’ which covers cybersecurity activities during vehicle operation, including incident response, vulnerability monitoring, and post-production software updates. In this way, ISO/SAE 21434 partially supports components of a Software Update Management System (SUMS) relevant to UN R156, while primarily serving the requirements of UN R155.

ISO 24089 Support for UN R155

Similarly, ISO 24089, though not a cybersecurity standard, acknowledges the critical role of cybersecurity in software update workflows. For example, ‘Clause  5. Project level’ outlines roles, responsibilities, and planning processes that overlap with Cybersecurity Management System (CSMS) framework principles. As such, ISO 24089 partially supports operational requirements of the Cybersecurity Management System (CSMS) aligned with UN R155, and cannot be viewed in isolation from cybersecurity needs.

Taken together, while ISO/SAE 21434 is closely aligned with UN R155 for cybersecurity control and ISO 24089 with UN R156 for software updates, the distinction between the two is not clear-cut. Given the interconnected nature of both domains, areas of overlap exist where the two standards work in tandem to support shared regulatory objectives.

Streamlining Automotive Compliance

While the range of standards and regulations in automotive cybersecurity may seem complex, understanding how they interconnect allows stakeholders to navigate compliance with greater clarity and control.

AUTOCRYPT’s suite of in-vehicle cybersecurity solutions covering testing and consulting services is designed to align with the requirements of UN R155 and UN R156 and technical guidelines set by ISO/SAE 21434 and ISO 24089 standards. Supporting secure software update processes and cybersecurity control across the vehicle’s lifecycle, our services are positioned to help simplify compliance and improve informed decision-making.

Visit our UNECE WP.29 Consulting page to learn more about how OEMs and Tier suppliers can control cybersecurity measures for vehicle type approval.

To contact our team about how your company can get started, contact global@autocrypt.io.

9 June, 2025 . 5 mins read

Global Commercialization of Robotaxis

As consumer attitudes shift in favor of intelligent, software-powered vehicles, there has been a rapid global commercialization of mobility transportation services developed by mobility platform operators. Several autonomous mobility services have emerged, each with their distinct technological, regulatory, and economic profiles.

Among these services, robotaxi commercialization is proceeding faster than that of other autonomous mobility services due to a convergence of regulatory flexibility, scalable profitability models, and accelerated technological innovation. This momentum is further fueled by growing public expectations that robotaxis will emerge as a mainstream urban mobility solution, offering a cost-effective alternative to both traditional taxis and privately owned vehicles.

At the same time, cybersecurity concerns have surfaced around autonomous robotaxi fleets, as a single vulnerability could potentially impact multiple vehicles and pose serious risks to public safety. This article aims to showcase the current status surrounding robotaxi commercialization and emphasize the importance of maintaining safe cybersecurity measures as robotaxis permeate more into everyday life.

Robotaxi Service Development by Region

Across the robotaxi ecosystem, service development among mobility providers spans multiple stages ranging from trials and pilots to commercial operations and mass deployment. Regional regulatory environments have been playing a critical role in shaping business strategies, with service providers typically expanding globally following proven success in their domestic markets.

Among the more regulatory-open regions are China, Dubai, Abu Dhabi and the United States, where governments have actively introduced dedicated frameworks and launched national initiatives to support the commercialization of autonomous robotaxis. Companies such as Baidu, Pony.ai and WeRide have expanded their presence in these markets through strategic partnerships with local taxi operators and public agencies.

Meanwhile, countries such as Japan and South Korea have adopted a more measured approach to autonomous driving regulation, with services providers such as Avride, TIER IV and Motional conducting pilot programs in designated areas as they work toward full-scale commercialization.

Global Robotaxi Commercialization Trends

Observing the activities of global robotaxi service providers across key cities, several emerging patterns in commercialization efforts can be derived.

First, major operators are actively expanding into the United Arab Emirates (UAE), signaling the region’s growing openness to autonomous mobility. WeRide and Uber launched their first international robotaxi service in Abu Dhabi in December 2024, and extended their partnership to Dubai in April 2025, with the goal of integrating robotaxis into the city’s transportation network. Baidu has also partnered with UAE-based Autogo, targeting the start of commercial operations in Abu Dhabi by 2026, with pilot trials expected in Dubai within 2025.

Second, the global autonomous vehicle industry is increasingly defined by a two-track development model – China emerging as a leading hub for commercial deployment, and the United States serving as a focal point for research and development. AutoX, headquartered in San Jose, California, launched its Level 4 driverless robotaxi service to the public in Shenzhen, China in 2021. Similarly, Pony.ai operates dual headquarters in the US and China, with large-scale robotaxi fleets running in cities like Beijing and Guangzhou, while pilot programs continue in California cities such as Fremont and Irvine.

Third, US-based companies are steadily expanding robotaxi operations across state lines, navigating a fragmented regulatory landscape in the absence of a unified regulatory framework. As of May 2025, Waymo provides over 250,000 paid driverless rides per week across cities including San Francisco, Los Angeles, Austin, Phoenix and Austin, with plans to enter new markets such as Atlanta, Miami and Washington, D.C. by 2026. Meanwhile, Tesla is preparing to launch its robotaxi service in Austin in June 2025, with expectations that the service expand to additional cities once operational stability is achieved.

Cybersecurity Concerns around Robotaxis

While autonomous robotaxis hold significant promise for improving urban mobility through enhanced convenience and accessibility, cybersecurity risks remain a critical concern. Although no confirmed cases of malicious hacking specifically targeting autonomous robotaxis have been reported to date, incidents involving software malfunctions have nonetheless heightened public unease around the reliability of these systems.

This growing apprehension is reflected in the ‘Electric Vehicle Intelligence Report (EVIR) 2025 May Edition’ where 71% of respondents showed reluctance to riding a robotaxi. Among the key concerns regarding robotaxi rides, 28% of respondents cited safety issues related to robotaxi use, while 18% expressed worry about over-reliance on sensors.

Unlike privately owned autonomous vehicles, cyberthreats to robotaxis carry heavy significance as a vulnerability in one model or system could potentially affect the city-wide transportation systems connected with internal and external data streams. As these services scale, it becomes vital to implement robust, end-to-end cybersecurity measures to ensure the safety of the vehicles, passengers and ultimately the entire mobility ecosystem.

Autocrypt’s Technical Expertise

Through a multi-layered approach that integrates advanced technologies, regulatory compliance, and industry collaboration, Autocrypt is well positioned to address the cybersecurity challenges associated with public mobility services.

With solutions spanning the entire autonomous ecosystem – from securing V2X communication security with AutoCrypt V2X, to safe-guarding in-vehicle security systems through AutoCrypt IVS, and overseeing operational data from AutoCrypt FMS – potential risks around mobility services can be prevented beforehand, enhancing the overall safety of connected mobility environments.

As the rapid advancement of robotaxi services marks a pivotal step toward the integration of autonomous vehicles into mainstream mobility networks, it is critical to raise cybersecurity awareness and implement preventive safeguards. Doing so will be essential to ensuring public trust and unlocking the full potential of autonomous mobility.

To learn more about the latest news on mobility tech and software-defined vehicles, read our blog for more technology insights or subscribe to AUTOCRYPT’s monthly newsletter.

26 May, 2025 . 7 mins read

Teleoperation Control Modes in Autonomous Driving

Autonomous driving presents the possibility of a future where individuals can engage in personal activities while traveling, without the need to focus on driving. Yet, questions remain as to whether such a future, free from manual vehicle control, will truly materialize. This blog introduces two distinct teleoperation methods designed to maximize the potential of safe autonomous driving.

The Spectrum of Autonomous Driving

As defined by SAE International, a global professional association of engineers in the automotive industry, automated driving systems are classified into six levels, ranging from Level 0 to 5.

Level 0 represents full manual control, where the driver is entirely responsible for operating the vehicle, a scenario that reflects most current driving experiences. At this stage, no autonomous technology is applied.

For Levels 1 to 2, vehicles begin to assist the driver with features such as Smart Cruise Control, Lane Following Assist (LFA) and Autonomous Parking. From Level 3, autonomous driving becomes more pronounced, with conditional automation enabled under specific circumstances.

Level 4 marks a critical milestone in the advancement of autonomous driving. While it shares similarities with Level 3 in that the vehicle can autonomously steer the wheel, the key distinction lies in its ability to manage hazardous situations without human intervention. As such, Level 4 marks the stage where “full automation” starts to materialize.

Level 5 represents the highest level of vehicle autonomy, where a car can navigate across all environments without any restrictions on an ODD (Operational Design Domain), a set of defined conditions under which an autonomous system is designed to safely operate. At this stage, “full automation” is reached.

Most of the autonomous vehicles we see around us are currently positioned at Level 3. When a situation comes where AI (Artificial Intelligence) technology fails to respond, the driver needs to take command over vehicle operations and responsibility is bestowed upon the driver in case an accident arises. The maturity of autonomous technology becomes pivotal from Level 4 where the car must proactively respond to emergency situations in a safe manner without the interception of the driver.

Currently, autonomous vehicles are not yet resistant to object misdetection as they collect information through sensor devices such as cameras, radars, and LiDAR technology. Even if all sensors around the surrounding object are properly functioning, there may be instances where AI cannot fully comprehend an untrained scenario. In this case, human control becomes pivotal, whether it comes from the driver itself or from another subject. This is where teleoperation methods become relevant.

The Necessity of Teleoperations in Autonomous Driving

Imagine a typical scenario in which you are commuting home from work in an autonomous vehicle, using self-driving mode to catch up on delayed tasks. Suddenly, the vehicle encounters a situation where the conditions necessary for safe autonomous operations are no longer met. In other words, the system is unable to function properly, requiring the driver to assume control and take full responsibility. However, with the deadline approaching and the task still unfinished, the driver may choose to request teleoperation support. In such cases, a remote operator can assist in managing the situation without requiring the driver to take full control.

Teleoperation service can also be deployed in more extreme scenarios, such as during wartime or natural emergencies. This is unsurprising, given that the origins of teleoperation technology are rooted in military applications. As early as the 19th century, efforts were made to develop remotely controlled torpedoes, and the technology has continued to be explored for defense-related purposes ever since. One notable example is inventor Nikola Tesla’s 1898 demonstration of a remote-controlled torpedo—an ambitious attempt that, despite ending in failure, marked a pivotal moment in the history of teleoperation.

The use of teleoperation in military contexts is especially pivotal, as deploying personnel in active war zones can be extremely hazardous. In such cases, teleoperated vehicles or robots can be strategically positioned to reduce risk to human life. When factoring in the use of drones, teleoperation represents one of the most dynamic and rapidly evolving areas of military technology.

Teleoperation Control Modes in Autonomous Vehicles – Direct and Indirect

Teleoperations refer to the technology that enables communication and control between a vehicle and an external location, typically coordinated through a centralized control center. In essence, when an autonomous vehicle encounters an unexpected situation that its onboard AI cannot handle, a remote operator at the control center can intervene and take effective control of the vehicle on behalf of the user.

There are two main types of teleoperation control: direct and indirect, differentiated by the level of human involvement. In ‘direct teleoperation,’ a remote operator takes full, real-time manual control of the vehicle. In contrast, ‘indirect teleoperation’ involves shared control, where the vehicle retains partial autonomy while the operator provides high-level guidance.

Automakers have explored teleoperation as a solution for complex scenarios. For example, in December 2022, Hyundai Motors partnered with Israeli startup Ottopia to develop a teleoperation system called Remote Mobility Assistance (RMA), aimed at supporting Level 4 and higher autonomous driving instances. More recently, Tesla announced they were set to launch a limited robotaxi service in Austin, Texas, by the end of June 2025, heavily relying on teleoperators to assist in situations where the autonomous system encounters difficulties.

Direct Teleoperation Control

While teleoperation holds great promise, it also presents significant challenges, particularly when it comes to direct control. One major issue arises when there are network disruptions affecting data transmission, and information sent from the vehicle to the teleoperator gets delayed or not reflected in real time. Although rare, instances of network latency or unstable communication can cause a time lag in the control center’s response, potentially making it impossible to prevent an accident.

Moreover, an overreliance on direct teleoperation can be seen as an inefficient use of the advanced capabilities built into autonomous vehicles. Given that vehicles are already equipped with advanced sensors like LiDAR, radar and camera sensors for real-time decision-making, delegating control to a remote operator may underutilize these capabilities and limit the system’s full potential.

Indirect Teleoperation Control

Recognizing the limitations of direct teleoperation, current research highlights indirect teleoperation control as a more effective complementary solution.

As the term suggests, under indirect control, the teleoperator does not directly issue commands ranging from handle steering, acceleration, or braking. Instead, high-level or abstract commands are transmitted, while the vehicle itself executes detailed actions. This approach reduces dependence on constant network communication and allows the vehicle to make better use of its internal technologies.

A primary example of indirect teleoperation control in action is “navigational route assistance,” where drivers receive guidance from the vehicle on the most optimal path to reach a specific destination. Another use case is “recognition alerts,” where the system advises the vehicle on whether to detour or disregard certain road obstacles.

While direct teleoperation is always subject to the risk of unstable telecommunications, indirect teleoperation significantly reduces this vulnerability by making the vehicle less dependent on network connections. In this mode, the vehicle makes real-time decisions autonomously, with the teleoperator offering directional input rather than direct control. All onboard components and safety systems of the vehicle remain fully active and engaged, further reducing reliance on the control center operator.

Enabling safe autonomous driving through teleoperation control

It is expected that Level 4 autonomous vehicles will interchange modes between autonomous driving, direct teleoperation and indirect teleoperation. Although skepticism persists about when Level 5 autonomy will be fully achieved, advancements in the integration of internal and external communication systems continue to accelerate, bringing the future of save autonomous driving ever closer.

AUTOCRYPT stands as a leading automative cybersecurity provider with experience in facilitating remote driving assistance environments. In particular, AutoCrypt® RODAS (Remotely Operated Driving Assistance System) provides a failsafe for autonomous vehicles by giving authority for an authorized operator to take control over a vehicle when an unexpected situation arises. This can be done either remotely (i.e. teledriving) or through configuring driving policies based on the situation reported by the occupants (i.e. teleguidance).

To learn more about the Autocrypt’s teleoperation services, click here. Read our blog for more technology insights or subscribe to AUTOCRYPT’s monthly newsletter.