ENX PG Vehicle Cyber Security

This Project Group is no longer active, it is going to be transformed into a Working Group for continuous improvments and maintenance of the audit scheme.

Short name: PG VCS

Group type: Project Group

Established: 2021

Mode of work:

monthly web conference
task-forces on demand

Status: Concluded on 2023-09-28

Contact: Suhas Konanur pg-vcs@enx.com

Report to: ENX Association

Participation and Contact

Join the group

This group is open for vehicle cyber security managers and experts of automotive manufacturers or suppliers. The group will decide on new members. If you want to participate, please contact Suhas Konanur at pg-vcs@enx.com

Questions, Feedback, General Contact

For Questions or Feedback contact Suhas Konanur pg-vcs@enx.com

Description

PG VCS, comprising experts from global automotive OEMs, Tier-1 system suppliers and engineering and software development providers, is formed to create and establish a third-party management system audit scheme to evaluate the CSMS of suppliers. The audit catalogue, developed as part of the audit scheme VCS, implements the audit guidelines of the ISO/PAS 5112 in the context of the ISO/SAE 21434 and the generic management system structure as defined in Annex SL of ISO/IEC directives.

Feasibility of the audit scheme is verified through piloting audit activities across a representative sample of suppliers in the automotive supply chain. Upon proof of feasibility, the project group transforms into a working group to work on continuous improvement and maintenance of the audit scheme.

The work of the PG VCS is intended to create an audit scheme that provides standardised, comparable and customer-independent results and reduces compliance efforts and costs for customers and suppliers alike.

Work Products

PG VCS Project Report

VCS Audit Criteria Catalogue (VCSA)

Comparison of Questions - VCSA vs ISO/PAS 5112 Annex A (informative) Audit Questionnaire

Results

Developed CSMS auditing of suppliers within the ENX framework in a standardized, transparent way to realize reliable and comparable audit results
Tested the developed VCS audit scheme confirms its feasibility
Performed pilot audits that demonstrated the maturity and effectiveness of the VCS scheme
Formulated recommendations to the Industry:
- ENX to provide the project results to the automotive cybersecurity community for further reviewing, commenting and use
- ENX to make the developed, piloted and revised VCS audit available to interested parties and to recognize the results gained during piloting
- Establish an ENX industry expert working group responsible for continuous support and improvement of the VCS scheme

Members

Chairperson

Wolfgang Löffler, AUDI

Deputies

Hayk Hamazaryan, ZF

Group members

Sylke Hauptmann, Autoliv
Vicentiu Barbu, Autoliv
Björn Maier, AVL
Thomas Dirscherl, AVL
Ariel Alejandro Risso, Bertrandt
Michael Walther, Bertrandt
Felix Roth, BMW
Ingo Wagner, Continental
Suhas Konanur, ENX
Dirk Kimmel, Mercedes-Benz
Christelle Dardant, Renault
Martin Lorenz, VDA