Consulting Services

CSMS Consulting Service

Cybersecurity management system for UN R155 compliance
csms consulting

Professional consulting for UN R155-compliant CSMS establishment.

A key requirement stated in UN Regulation No. 155 is the establishment of a cybersecurity management system (CSMS), a concept defined as a set of processes that incorporate cybersecurity into vehicles throughout their entire lifecycle. 

Although the CSMS is standardized in ISO/SAE 21434, every vehicle and production procedure is different, thus there is no one-size-fits-all solution. Organizations in the supply chain must holistically implement the CSMS in their environment.

With industry-leading expertise accumulated through years of experience in cybersecurity implementation, AUTOCRYPT offers professional consulting services for automotive OEMs and suppliers in establishing the CSMS.


Holistic CSMS establishment for regulatory compliance

UN R155 officially takes effect on all new vehicle registrations beginning July 2024. This means that OEMs must pass a CSMS audit and get certified before selling a vehicle type in the market. Although only automotive OEMs are legally obligated to comply, suppliers are required by the OEMs to have the same security practices. AUTOCRYPT helps OEMs and suppliers establish an effective CSMS that best suits their needs.

testing platform icon

Risk Assessment

  • Uses TARA to identify and assess potential threats, vulnerabilities, and attack vectors
  • Examines the effectiveness of existing cybersecurity measures
policy icon

Action Plan

  • Determines gaps between existing practice and ISO/SAE 21434 CSMS requirements
  • Provides detailed action plan and respective cybersecurity education sessions 
v2x safety services icon

Security Management

  • Provides recommendations on security policies, processes, and management structure
  • Ongoing support for security operations and continuous monitoring

Compliance Overview

From CSMS certification to vehicle type approval

Step 1: CSMS Approval

The CSMS approval process focuses on the effectiveness of cybersecurity practices, procedures, and supplier involvement.

csms approval diagram

Step 2: Vehicle Type Approval

The type approval process focuses on the effectiveness of the security measures implemented in the vehicle.

type approval diagram

Related Resources

Play Video