Guidelines for Automotive Environment Cybersecurity Key Management and Credential Distribution
J3201_202409
This document specifically pertains to cybersecurity for road vehicles. This document encompasses the entire vehicle lifecycle of key management. It has been developed by SAE Committee TEVEES18F, Vehicle Security Credentials Interoperability (VSCI), a subcommittee of SAE Committee TEVEES18A, Vehicle Cybersecurity Systems Engineering Committee. This committee is authorized under the scope and authority fo the SAE Electronic Design Automation Steering Committee (also known as the Electronic Systems Group) that is directly under the scope and authority fo the SAE Motor Vehicle Council.
The SAE Motor Vehicle Council’s stated scope of influence and authority, as defined by the SAE includes, passenger car and light truck in conjunction with ISO/SAE 21434.
Rationale:
This document provides guidance to the reader for the management and distribution of credential material for the road vehicle. Common use cases are defined in this document and are known as service definitions. There are primary and secondary service definitions, which can serve as the basis for applicable use cases to an original equipment manufacturer (OEM) or a tiered supplier.
This document includes the following:
Recommended practice guidance on exchange of credentials, within and between OEM and Tier-n suppliers using Key Management Interoperability Protocol (KMIP).
Support for key and credential types common to the automotive industry
Support for key provisioning, revocation, and rotation mechanisms.
Related Topics:
Cybersecurity
Logistics
Identification
Risk management
Data exchange
Also known as: SAE J 3201
SAE MOBILUS
Subscribers can view annotate, and download all of SAE's content.
Learn More »