Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

  1. Blog
  2. Article

Bertrand Boisseau
on 3 June 2024

Vehicle cybersecurity: the journey towards ISO 21434 compliance


Automotive is going through considerable technological advancement, centred around the software that vehicles and their manufacturers use. A large part of this software evolution is the move towards open source software. Ensuring the safety and security of critical systems is extremely important, especially in safety-critical use cases. At Canonical, we stand at the forefront of this mission, leading actions to establish robust functional safety and cybersecurity initiatives in compliance with ISO 26262 and ISO 21434.

In this blog post, we will share Canonical’s path towards ISO 21434 compliance, a fundamental standard shaping the cybersecurity framework for automotive software. 

Setting the stage: understanding automotive cybersecurity for OEMs and Tier 1 suppliers 

Before targeting cybersecurity, let’s talk about functional safety. In the automotive industry, safety isn’t just a desirable feature—it’s an absolute necessity. With millions of vehicles on roads worldwide, the stakes are high, and ensuring the wellbeing of drivers, passengers and pedestrians is often literally a matter of life and death. Historically, automotive safety has been primarily focused on mechanical systems, such as brakes, airbags, and seatbelts. However, as vehicles become increasingly sophisticated – integrating advanced technologies like autonomous driving (AD) capabilities, connectivity features, and complex software systems – the concept of safety has evolved significantly.

ISO 26262 is one of the key standards governing safety in automotive software. It provides guidelines for the functional safety within vehicles, outlining processes and measures to mitigate risks associated with system failures. ISO 26262 addresses various aspects of automotive safety, including hazard analysis, and the implementation of safety mechanisms to prevent or mitigate the effects of malfunctions. Compliance with ISO 26262 is essential for ensuring the reliability and integrity of automotive systems, particularly in critical applications where system failures could lead to life-threatening consequences.

Safety standards like ISO 26262 are even more vital when you consider the advancements in artificial intelligence and AD technologies. Advanced Driver Assistance Systems (ADAS) features, such as adaptive cruise control and lane-keeping assist, require meticulous validation to ensure they function reliably and safely whether it’s thick fog, snow, heavy rain, or at night. As such, the automotive industry faces a wide-ranging safety landscape, where traditional concerns intersect with emerging technologies, emphasising the need for comprehensive safety frameworks that address both physical and digital risks.

Canonical’s role in advancing functional safety

Canonical’s commitment to functional safety extends beyond mere compliance with standards; it encompasses a holistic approach to software development that prioritises quality, security, and reliability at every stage of the life cycle.

Our progress towards functional safety in automotive software is founded upon a strong emphasis on quality management (QM) practices. QM provides a reliable set of expectations, practices, and checks that verify that the software being delivered follows a robust process aimed at guaranteeing traceability so that it can be compliant with automotive expectations. Canonical employs a range of quality management protocols and tools to monitor and enhance the quality of its software products, including independent quality indicators like the TIOBE Quality Indicator (TQI) and adherence to industry-recognised standards such as ISO 25010.

ISO 21434 is another crucial standard that outlines guidelines for addressing cybersecurity risks in automotive software throughout its lifecycle. Canonical is actively working towards compliance with ISO 21434. By aligning our practices with the principles and requirements of ISO 21434, we aim to further enhance the security and resilience of our software solutions, and contribute to the overall functional safety of automotive systems. 

As part of these efforts, we also participate in industry-standardisation efforts, such as ISO working groups. These groups play a crucial role in shaping the development and implementation of standards like ISO 21434, focusing on cybersecurity in the automotive sector. Through our participation, we contribute expertise and best practices to the establishment of robust cybersecurity frameworks that ensure the integrity and security of automotive software systems.

Canonical’s collaboration within ELISA (Enabling Linux In Safety Applications) – an industry initiative aimed at advancing the use of Linux in safety-critical applications – further demonstrates our commitment to safety in automotive software. By joining ELISA, Canonical aligns itself with other industry leaders in working towards the establishment of comprehensive guidelines and best practices for deploying Linux securely in safety-critical environments. Through its involvement in ELISA, Canonical contributes its expertise in open source software to the development of principles and processes that enhance the safety and reliability of Linux-based systems in automotive applications.

Open source excellence for a dependable Linux

The automotive industry relies heavily on software to power the next generation of vehicles; ensuring the safety and security of these systems is a top priority. By adhering to rigorous standards like ISO 21434, we are not just meeting regulatory requirements – we are setting a new standard for excellence in automotive software development.

On top of that, the lessons learned and best practices established through our efforts towards functional safety have broader implications beyond the automotive industry. As software becomes increasingly integrated into various aspects of our lives, the need for robust cybersecurity measures becomes more critical than ever. By pioneering advancements in functional safety and cybersecurity, we are not only safeguarding automotive systems, but also contributing to the overall security and reliability of software across all sectors.

To learn more about Canonical and our engagement in automotive: 

Contact Us
Check out our webpage
Watch our webinar with Elektrobit about SDV
Download our whitepaper on V2X (Vehicle-to-Everything)

Related posts


Bertrand Boisseau
4 November 2024

Virtual ECUs, or the future of automotive development and testing

Automotive Article

We’ve seen how the automotive industry is rapidly embracing technological advancements, leveraging digital twins and environmental parity. However, there’s a third and often overlooked tool that holds similar potential for this technological advancement: the use of Virtual Electronic Control Units (vECU).  As automotive manufacturers move ...


Bertrand Boisseau
1 November 2024

Canonical at CES 2025

Automotive Article

CES 2025 is right around the corner, and with over 3,000 exhibitors, it continues to be the world’s premier event for unveiling cutting-edge technology across industries.  This year, Canonical, the publisher of Ubuntu, is returning with a focus on showcasing our advancements in AI/ML, as well as our hardware-agnostic solutions that seamle ...


Bertrand Boisseau
31 October 2024

Getting hands-on with AI in automotive

Automotive Article

From cloud to edge, hardware-agnostic AI/ML In January Canonical will reconfirm its presence at CES 2025; here we will be showing a cutting-edge AI/ML demo that showcases how AI models can be trained, deployed, and updated seamlessly across various hardware platforms. This demonstration is a proof of our commitment to building hardware-ag ...