# ISO/SAE 21434 **slug:** `iso-sae-21434` · **URL:** `/knowledge/glossary/iso-sae-21434/` · **category:** Automotive Standards · **reviewer:** Tatiana ### Definition ISO/SAE 21434:2021 is the international standard for cybersecurity engineering of road vehicles. It defines the activities, dependencies, and information required for cybersecurity throughout the vehicle lifecycle — from concept through production, operation, maintenance, and decommissioning. ### What it means Co-developed by ISO and SAE and published in August 2021, ISO/SAE 21434 is the cornerstone of automotive cybersecurity practice and the de-facto implementation path for UN-R 155 (which mandates a Cybersecurity Management System but does not specify implementation). The standard organizes cybersecurity work into: - Overall cybersecurity management (governance, training, project organization) - Project-dependent cybersecurity management (per-project planning, cybersecurity case) - Continuous cybersecurity activities (monitoring, incident response, vulnerability management) - Concept phase (item definition, [TARA](/knowledge/glossary/tara/), cybersecurity goals) - Product development (architectural design, integration, verification, validation) - Cybersecurity validation - Production - Operations and maintenance - Decommissioning Compliance is typically demonstrated through process audit by a third-party assessor, plus evidence of TARA execution and cybersecurity case documentation per project. ### Related terms - [TARA](/knowledge/glossary/tara/) - [UN-R 155](/knowledge/glossary/un-r-155/) - [ECU](/knowledge/glossary/ecu/) ### Authoritative sources - [ISO/SAE 21434:2021](https://www.iso.org/standard/70918.html) - [SAE international standard page](https://www.sae.org/standards/content/iso/sae21434/) --- End of glossary-batch-2/article.md (4 Automotive terms: OBD-II, ECU, TARA, ISO/SAE 21434).