ISO/SAE 21434 is the international standard for automotive cybersecurity engineering, providing a comprehensive framework for identifying, assessing, and managing cybersecurity risks throughout the entire lifecycle of road vehicle electrical and electronic systems. Published jointly by ISO and SAE International in 2021, this standard addresses the growing vulnerability of connected vehicles to cyber threats and establishes best practices for building security into automotive systems from concept through decommissioning.
The standard requires organizations to implement systematic cybersecurity processes throughout product development. Key activities include Threat Analysis and Risk Assessment (TARA), which identifies potential attack vectors and evaluates their likelihood and impact; secure design practices that incorporate appropriate security controls based on identified risks; verification and validation activities that confirm security measures are correctly implemented and effective; and incident response planning to address newly discovered vulnerabilities or active attacks after deployment.
ISO 21434 applies throughout the automotive supply chain, requiring both OEMs and their suppliers to demonstrate cybersecurity competence and to collaborate effectively on security matters. The standard emphasizes that cybersecurity is a shared responsibility: vulnerabilities in supplier components can compromise vehicle-level security, so OEMs must verify that sourced components meet security requirements. This supply chain perspective is particularly relevant for GNSS positioning systems, which may be vulnerable to spoofing or jamming attacks that could mislead vehicle navigation or safety systems.
The relationship between ISO 21434 (cybersecurity) and ISO 26262 (functional safety) is crucial for safety-critical systems. A successful cyberattack could cause safety-relevant failures; for example, spoofed GNSS signals could cause an autonomous vehicle to misperceive its location and make dangerous navigation decisions. Organizations developing automotive GNSS solutions must therefore address both standards, implementing security controls to prevent attacks while maintaining safety mechanisms to detect and respond appropriately to compromised inputs.
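As an added illustration of the "detect and respond to compromised inputs" point (example code written for this page, not part of the standard or of any vendor's implementation), the following Python plausibility monitor cross-checks each new GNSS fix against the last trusted fix and the distance reported by wheel odometry, rejecting fixes that no road vehicle could physically have produced. The thresholds and sample fixes are constructed assumptions.

```python
import math
from collections import namedtuple

MAX_SPEED_MPS = 70.0   # assumed ceiling for a road vehicle (~250 km/h)
REL_TOLERANCE = 0.25   # assumed relative tolerance vs. odometry
SLACK_M = 5.0          # assumed receiver noise floor, metres
SLACK_MPS = 1.0        # assumed wheel-speed noise floor, m/s

# time in seconds, lat/lon in degrees, receiver-reported ground speed in m/s
Fix = namedtuple("Fix", "t lat lon speed")

def haversine_m(lat1, lon1, lat2, lon2):
    """Great-circle distance in metres between two points (spherical Earth)."""
    r = 6371000.0
    p1, p2 = math.radians(lat1), math.radians(lat2)
    a = (math.sin((p2 - p1) / 2) ** 2
         + math.cos(p1) * math.cos(p2) * math.sin(math.radians(lon2 - lon1) / 2) ** 2)
    return 2 * r * math.asin(math.sqrt(a))

def check_fix(prev, cur, odometry_m):
    """Cross-check a new GNSS fix against the last trusted fix and the wheel-odometry
    distance travelled since then. Returns (accepted, reason). On rejection the caller
    keeps the last trusted position and falls back to dead reckoning."""
    dt = cur.t - prev.t
    if dt <= 0:
        return False, "non-monotonic timestamp"
    jump = haversine_m(prev.lat, prev.lon, cur.lat, cur.lon)
    odo_speed = odometry_m / dt
    # 1. A teleport: implied speed no road vehicle can reach
    if jump / dt > MAX_SPEED_MPS:
        return False, f"implied speed {jump / dt:.0f} m/s exceeds vehicle limit"
    # 2. A slow pull-off: displacement inconsistent with the wheels
    if abs(jump - odometry_m) > REL_TOLERANCE * odometry_m + SLACK_M:
        return False, f"displacement {jump:.0f} m disagrees with odometry {odometry_m:.0f} m"
    # 3. Position plausible but the receiver-reported velocity is not
    if abs(cur.speed - odo_speed) > REL_TOLERANCE * odo_speed + SLACK_MPS:
        return False, "reported velocity disagrees with wheel speed"
    return True, "consistent"

# Constructed sample: a trusted fix, then one genuine and two suspect fixes 1 s later
TRUSTED = Fix(t=0.0, lat=48.100000, lon=11.500000, speed=25.0)
GENUINE = Fix(t=1.0, lat=48.100225, lon=11.500000, speed=25.0)   # ~25 m north
TELEPORT = Fix(t=1.0, lat=48.104500, lon=11.500000, speed=25.0)  # ~500 m north
PULL_OFF = Fix(t=1.0, lat=48.100360, lon=11.500000, speed=40.0)  # ~40 m north

if __name__ == "__main__":
    for fix in (GENUINE, TELEPORT, PULL_OFF):
        print(check_fix(TRUSTED, fix, odometry_m=25.0))
```

The second check is the one that matters against a gradual pull-off, which keeps the implied speed under the hard limit but diverges from what the wheels actually travelled.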