GLOSSARY
Automotive Cybersecurity and Critical Systems Glossary
Definitions across ISO/SAE 21434, UNECE R155 and R156, AIS 189 and AIS 190, TARA, vehicle networks, automotive cybersecurity controls, functional safety, embedded software, verification & validation, and KAVACH.
Each term links to a dedicated page with a longer explanation, why-it-matters context, related terms, and pointers into Agnile’s engineering services and KAVACH.
69 terms across 10 categories.
A–Z
Alphabetical Index
- AI-assisted Cybersecurity Engineering
- AIS 189
- AIS 190
- Architecture-aware TARA
- ASIL
- Asset (cybersecurity)
- Attack Feasibility
- Attack Path
- Attack Tree
- Automotive Cybersecurity
- AUTOSAR Adaptive
- AUTOSAR Classic
- CAN
- CAN FD
- Certificate Management
- CISA KEV
- CryIf
- CSM (Crypto Service Manager)
- CVE
- Cybersecurity Case
- Cybersecurity Claim
- Cybersecurity Concept
- Cybersecurity Goal
- Cybersecurity Interface Agreement (CIA)
- Cybersecurity Management System (CSMS)
- Cybersecurity Property
- Cybersecurity Requirement
- Damage Scenario
- Digital Signature
- DoIP
- EPSS
- EVITA
- FMEA
- FMEDA
- FTA
- Functional Safety
- Fuzz Testing
- HARA
- Hardware Security Module (HSM)
- HIL Testing
- ISO 26262
- ISO/SAE 21434
- Item Definition
- KAVACH
- Key Management
- KeyM
- Message Authentication Code (MAC)
- MIL Testing
- OTA Update
- Penetration Testing
- Risk Value
- RXSWIN
- SBOM
- SecOC
- Secure Boot
- Secure Diagnostics
- Secure Flashing
- SHE
- SIL Testing
- Software Update Management System (SUMS)
- SOME/IP
- TARA
- Threat Scenario
- Type Approval
- UDS
- UNECE R155
- UNECE R156
- Verification & Validation (V&V)
- Vulnerability Monitoring
CATEGORY
Automotive Cybersecurity
CATEGORY
ISO/SAE 21434
Asset (cybersecurity)
Component, function, data flow, or property of an item whose compromise can cause harm.
Attack Feasibility
Estimation of how achievable an attack path is, expressed via factors such as elapsed time, expertise, knowledge, opportunity, and equipment.
Attack Path
Sequence of attacker steps from initial access to compromise of a cybersecurity property.
Attack Tree
Graphical representation of attacker goals, sub-goals, and the steps that achieve them.
Cybersecurity Case
Structured argument with evidence that an item's cybersecurity goals are met.
Cybersecurity Claim
Statement that a cybersecurity goal is met given the controls in place.
Cybersecurity Concept
Description of how the item achieves its cybersecurity goals at the architectural level.
Cybersecurity Goal
Top-level cybersecurity objective derived from a threat scenario at the item level.
Cybersecurity Interface Agreement (CIA)
ISO/SAE 21434 Clause 7 contract that allocates cybersecurity activities between customer and supplier.
Cybersecurity Management System (CSMS)
Organisational management system that governs cybersecurity activities for road-vehicle programmes.
Cybersecurity Property
Confidentiality, integrity, availability, authenticity (or extensions) protected on each asset.
Cybersecurity Requirement
Specification that an implementation must meet to satisfy a cybersecurity claim.
Damage Scenario
Description of the harm that occurs when a cybersecurity property of an asset is compromised.
ISO/SAE 21434
International standard for road-vehicle cybersecurity engineering across the lifecycle.
Item Definition
ISO/SAE 21434 work product that scopes the system under cybersecurity analysis.
Risk Value
ISO/SAE 21434 risk score derived from impact (SFOP) and attack feasibility.
TARA
Threat Analysis and Risk Assessment — the structured cybersecurity risk method of ISO/SAE 21434.
Threat Scenario
Plausible way an attacker can compromise a cybersecurity property of an asset.
CATEGORY
UNECE / Type Approval
AIS 189
India's emerging automotive cybersecurity standard, derived from UN R155.
AIS 190
India's emerging software-update management standard, derived from UN R156.
OTA Update
Over-the-air software update delivered to a vehicle ECU after manufacture.
RXSWIN
Regulation X Software Identification Number — identifier for the software set covered by a UN regulation type approval.
Software Update Management System (SUMS)
Process system covering planning, distribution, and recording of vehicle software updates.
Type Approval
Regulator confirmation that a vehicle type meets specified technical requirements before market entry.
UNECE R155
UN Regulation requiring vehicle manufacturers to operate a certified Cybersecurity Management System.
UNECE R156
UN Regulation requiring a certified Software Update Management System for type-approved vehicles.
CATEGORY
Functional Safety
ASIL
Automotive Safety Integrity Level — A through D, where D is the highest rigour.
FMEA
Failure Mode and Effects Analysis — qualitative analysis of how components fail and what they cause.
FMEDA
Failure Mode, Effects, and Diagnostic Analysis — quantitative ISO 26262 hardware metric analysis.
FTA
Fault Tree Analysis — top-down deductive analysis of how failures combine to a hazardous event.
Functional Safety
Engineering discipline that protects against unreasonable risk caused by malfunctioning behaviour.
HARA
Hazard Analysis and Risk Assessment — derives safety goals and ASILs from operational hazards.
ISO 26262
Automotive functional-safety standard for road-vehicle electrical and electronic systems.
CATEGORY
Embedded Software
CATEGORY
Vehicle Networks
CAN
Controller Area Network — the dominant low-bandwidth automotive bus.
CAN FD
CAN with Flexible Data-rate — extended payload (up to 64 bytes) and higher bit rate.
DoIP
Diagnostics over IP (ISO 13400) — UDS over Ethernet/IP transport.
SOME/IP
Scalable service-Oriented MiddlewarE over IP — service-oriented automotive Ethernet middleware.
UDS
Unified Diagnostic Services (ISO 14229) — standard ECU diagnostic and reprogramming protocol.
CATEGORY
Security Controls
Certificate Management
Lifecycle of X.509 (or equivalent) certificates used to bind public keys to identities.
CryIf
AUTOSAR Crypto Interface — abstraction between CSM and the underlying crypto driver.
CSM (Crypto Service Manager)
AUTOSAR module that exposes cryptographic services to upper layers.
Digital Signature
Cryptographic proof of authenticity and integrity using an asymmetric key pair.
EVITA
European-funded research framework that defined the EVITA full / medium / light HSM profiles.
Hardware Security Module (HSM)
Tamper-resistant in-ECU module that stores keys and runs cryptographic operations.
Key Management
Lifecycle of cryptographic keys from generation through deployment, rotation, and revocation.
KeyM
AUTOSAR Key Manager — manages cryptographic keys and certificates for the Crypto Stack.
Message Authentication Code (MAC)
Short cryptographic tag that proves a message's origin and integrity to a receiver sharing a key.
SecOC
AUTOSAR Secure Onboard Communication — message authentication for in-vehicle communication.
Secure Boot
Boot-time integrity check that an ECU only runs authenticated firmware.
Secure Diagnostics
Authenticated and authorised UDS / OBD diagnostic operations on ECUs.
Secure Flashing
Authenticated and integrity-checked update of ECU firmware.
SHE
Secure Hardware Extension — a lightweight HSM-style specification predating EVITA Light.
CATEGORY
Verification & Validation
Fuzz Testing
Validation technique that feeds malformed or random inputs to surface robustness defects.
HIL Testing
Hardware-in-the-Loop testing — ECU under test on a bench with simulated plant and stimuli.
MIL Testing
Model-in-the-Loop testing — algorithm verification against the model before code generation.
Penetration Testing
Authorised, scope-bounded attacker simulation against a defined target.
SIL Testing
Software-in-the-Loop testing — generated or hand-written code tested in a host environment.
Verification & Validation (V&V)
Systematic confirmation that a system meets its requirements (verification) and its intended use (validation).
CATEGORY
Vulnerability Management
CISA KEV
CISA's Known Exploited Vulnerabilities catalog — CVEs confirmed to be exploited in the wild.
CVE
Common Vulnerabilities and Exposures — public identifier for a disclosed security flaw.
EPSS
Exploit Prediction Scoring System — probabilistic likelihood that a CVE will be exploited.
SBOM
Software Bill of Materials — machine-readable inventory of components and dependencies in a build.
Vulnerability Monitoring
Continual ingestion of public and private vulnerability information against an organisation's asset inventory.
CATEGORY
KAVACH
AI-assisted Cybersecurity Engineering
Use of AI — retrieval, structured generation, validation — to accelerate cybersecurity engineering with engineer-in-the-loop review.
Architecture-aware TARA
TARA performed against a structured model of the vehicle / item architecture, not against a flat spreadsheet.
KAVACH
Agnile's AI-assisted ISO/SAE 21434 cybersecurity engineering workspace.
RELATED RESOURCES
Use the glossary alongside
Contact Us
Agnile supports safety, security, and mission critical engineering programmes across automotive, aerospace, embedded, IoT, enterprise software, cybersecurity, safety, V&V, digital engineering, and KAVACH.