From Passive Compliance to Proactive Defense Through ISO/SAE 21434
The ISO/SAE 21434 certification, issued by TÜV NORD, validates that Streamax has established a comprehensive vehicle lifecycle cybersecurity risk management system. This system covers every phase – from concept design and product development to manufacturing, operation, maintenance, and eventual decommissioning.
The certifications go beyond technical compliance. They represent a strategic shift from reactive compliance to proactive defense. Streamax has integrated security-by-design principles across its R&D workflows, ensuring that potential vulnerabilities are identified and mitigated early in the development process.
Why ISO/SAE 21434 Matters for Global OEMs
ISO/SAE 21434 is the world’s first international standard dedicated to automotive cybersecurity engineering, jointly developed by ISO and SAE International. It serves as a core conformity basis for:
-
UN R155 (Cyber Security Management System – CSMS)
-
UN R156 (Software Update Management System – SUMS)
-
China’s mandatory national standards GB44495 (vehicle cybersecurity) and GB44496 (software update)
For global OEMs, ISO/SAE 21434 has become a non-negotiable entry criterion when selecting tier-1 suppliers. With this certification, Streamax is now qualified to participate in automotive cybersecurity-sensitive projects across Europe, North America, and Asia.
TISAX AL3 – The Highest Level of Information Protection
Alongside product cybersecurity, Streamax has secured the TISAX AL3 label for both Streamax Technology and Streamax Electronics. TISAX (Trusted Information Security Assessment Exchange) was initiated by the German Association of the Automotive Industry (VDA) and is operated by ENX.
AL3 (Assessment Level 3) is the highest protection level within TISAX, requiring:
-
On-site audits by accredited service providers
-
Rigorous controls for confidentiality, integrity, and availability of sensitive data
-
Specialized protection for vehicle prototypes and customer confidential information
To achieve AL3, Streamax implemented a multi-dimensional protection framework encompassing people, processes, technology, and physical facilities. Key enhancements include:
-
Physical security improvements at R&D and testing sites
-
Granular access management and role-based permissions
-
End-to-end document encryption and digital rights management
-
Comprehensive logging and audit trails for all sensitive data access
This achievement signals to global partners that Streamax can be trusted with the highest levels of trade secrets, prototype designs, and customer operational data – a critical differentiator that strengthens long-term collaboration across the automotive supply chain.
Compliance and AI Integration for Smart Mobility
As vehicle connectivity deepens and cyber threats grow more sophisticated, Streamax is systematically integrating multiple standards to create a coherent security framework:
-
ISO/SAE 21434 (cybersecurity engineering)
-
TISAX AL3 (information security management)
-
ASPICE (software process improvement)
-
ISO 26262 (functional safety)
Beyond compliance, Streamax is leveraging AI to enhance threat detection and response capabilities across its product portfolio. By combining AI-driven analytics with certified cybersecurity processes, Streamax aims to enable predictive security – identifying anomalies before they become incidents.
For Streamax, security is not a destination but a continuous journey of improvement. The company is committed to pushing technological boundaries while turning industry standards into its internal engine for excellence. Its vision remains to become the world's most trusted guardian of road safety.
About ISO/SAE 21434
ISO/SAE 21434:2021 – “Road vehicles – Cybersecurity engineering” – is the first global automotive cybersecurity standard. It mandates a risk management framework across the entire vehicle lifecycle, from concept to decommissioning. Compliance is essential for supply chain access to major OEMs and for regulatory approval under UN R155.
About TISAX
TISAX (Trusted Information Security Assessment Exchange) is the automotive industry’s standard for information security assessment. Managed by ENX, it enables mutual recognition of security assessments among thousands of automotive partners. Assessment Level 3 (AL3) represents the highest protection level, requiring on-site audits and rigorous controls for highly sensitive data and prototypes.
