Security and Cybersecurity

SAE J3061 (Automotive)
The SAE J3061 has been the foundation for the development of the ISO/SAE 21434 standard. It provides a set of high-level guiding principles for Cybersecurity as it relates to cyber-physical vehicle systems. It defines the life cycle process framework, from concept phase through production, operation, service, and decommissioning, and provides information on some common existing tools and methods used while designing, verifying and validating cyber-physical vehicle systems.

ISO/SAE 21434 (Automotive)
This standard aims at managing the Cybersecurity of electrical and electronic systems in road vehicles, similar to how ISO 26262 manages the Functional Safety aspects. Just as the FuSa approach is based on the analysis of the possible failures, having the Hazard Analysis Risk Assessment (HARA) as a starting point, the Cybersecurity begins by the analysis of the possible attacks and related potential  leaks that allow them, having as incipit the Threats Analysis Risk Assessment (TARA).

IEC 62443:2018 (Information Security)
Is an international series of standards on "Industrial communication networks - IT security for networks and systems". It describes both technical and process-related aspects of industrial cybersecurity, making a distinction between different roles: the operator, the integrator and  the manufacturer. For each role it provides a specific risk-based approach to prevent and manage security risks in its activities.
Part 4 specifies in detail the process requirements for the secure development of products used in industrial automation and control systems (IACS). In this definition of process security requirements, secure design, secure implementation (including coding guidelines), verification and validation, defect management, patch management and end-of-life product are included.