Winners Consulting Services Co., Ltd. points out that a 2023 study by Norwegian researchers Jenssen, Myklebust, and Stålhane reveals a critical blind spot: the existing security assurance cases and functional safety cases required by ISO/SAE 21434 do not cover the "Trust Case" needed for autonomous vehicles to gain public confidence. The study found that trust and safety are statistically unrelated, meaning that if Taiwanese automotive suppliers rely solely on compliance documents, they may face an unquantifiable trust deficit with customers and the market.
Paper Source: Autonomous Vehicles - Trust, Safety and Security Cases: The Complete Picture (Jenssen, Gunnar; Myklebust, Thor; Stålhane, Tor, arXiv, 2023)
Original Link: https://doi.org/10.1109/rams51473.2023.10088202
About the Authors and This Research
This paper was co-authored by three Norwegian researchers: Gunnar Jenssen, who has long focused on the safety and public trust of autonomous vehicles; Thor Myklebust, a functional safety expert at the Norwegian research institute SINTEF with direct contributions to railway and automotive safety standards; and Tor Stålhane, a software engineering professor at NTNU (Norwegian University of Science and Technology) whose research covers requirements engineering and safety case methodologies. Their combined expertise lends significant credibility to this interdisciplinary research on Safety Cases and Cybersecurity Cases.
The paper was published at the 2023 Reliability and Maintainability Symposium (RAMS), with DOI https://doi.org/10.1109/rams51473.2023.10088202, and has been cited 3 times, including one high-impact citation. The proposed "Trust Case" framework is an important supplement to existing standards like ISO/SAE 21434 and references the structure of Annex G in EN TS 50701:2021 (Railway applications - Cybersecurity) to suggest a cross-industry case design method.
Bridging 'Safety Compliance' and 'Public Trust': The Complete Picture for Autonomous Driving
The core question of this research is: If an autonomous bus obtains all necessary safety certifications, can it be trusted by passengers, regulators, and the general public? The researchers' answer is clear and sobering—not necessarily.
Key Finding 1: Trust and Safety Are Statistically Unrelated
Through literature reviews, focus group interviews, and surveys, Jenssen et al. found no stable positive correlation between the public's "sense of trust" in autonomous vehicles and the vehicles' actual "safety performance." In other words, even if a vehicle fully complies with functional safety standards (like ISO 26262) and vehicle cybersecurity standards (like ISO/SAE 21434), this does not automatically translate into public trust. This finding challenges the common assumption that "compliance equals trust" and has profound implications for the commercialization of autonomous vehicles.
Key Finding 2: Existing 'Safety Case' Frameworks Have Systematic Gaps
The researchers further point out that the industry's conventional "Safety Case" and the "Cybersecurity Case" established under ISO/SAE 21434 are designed to focus on technical arguments and regulatory compliance, failing to cover the following trust-building elements: (1) an explainable presentation of AI decision-making logic; (2) an explanation of how to rebuild trust after a system failure; (3) a "Safety Case for the Public" aimed at a general audience rather than technical experts; and (4) transparent disclosure of deep learning model behaviors. BSI PAS 1881:2022 already requires trial organizations to publish a "public-facing safety case," but most automotive manufacturers have yet to establish corresponding processes.
Key Finding 3: Proposing the 'Trust Case' as a Supplementary Framework
To fill these gaps, the researchers propose the concept of a "Trust Case" as a third structured argumentation framework alongside the Safety Case and Cybersecurity Case. The Trust Case presents specific trust-related information in layperson's terms, including system transparency, organizational accountability, explanations of AI behavioral boundaries, and post-failure response mechanisms. This is one of the most systematic additions to the "complete safety argument picture for autonomous driving" in international academia today.
Implications for Taiwan's Automotive Cybersecurity (AUTO) Practices: Building Trust Beyond Compliance
While pursuing TISAX certification and ISO/SAE 21434 compliance, Taiwanese automotive component suppliers must realize that the demands of European OEMs are shifting from "complete compliance documentation" to "safety arguments explainable to end-users." This shift aligns with the requirements for vehicle type approval under the UNECE WP.29 regulatory framework and is becoming increasingly urgent with the growing prevalence of higher autonomous driving levels (ADAS/AD) in production vehicles.
Specifically, Taiwanese suppliers currently face three practical challenges:
First, the creation of a security assurance case is not yet systematic. According to ISO/SAE 21434 Clause 15, suppliers must establish a traceable security argument system. However, most mid-sized Taiwanese suppliers have scattered documentation and lack structured arguments, facing pressure to provide additional evidence during Tier 1 customer audits.
Second, there is a significant capability gap in creating cybersecurity cases for AI systems. This paper explicitly identifies false positives from deep learning (e.g., results causing driver misjudgment) as a blind spot in current safety cases. Taiwanese suppliers working on ADAS-related components must begin establishing automotive cybersecurity Threat Analysis and Risk Assessment (TARA) for AI perception systems.
Third, the UNECE WP.29 R155 regulation has been mandatory for all new vehicle types since July 2024, meaning that European customers will include a supplier's ability to contribute to a complete safety argument chain as a key evaluation criterion.
How Winners Consulting Helps Taiwanese Companies Move from Compliance to Trust Building
Winners Consulting Services Co., Ltd. assists Taiwanese automotive suppliers in obtaining TISAX certification, implementing the ISO/SAE 21434 standard, complying with UNECE WP.29 road vehicle cybersecurity regulations, and building a complete safety argument system that goes beyond basic compliance.
- Establishing a Structured Security Assurance Case: Based on the frameworks of ISO/SAE 21434 Clause 15 and EN TS 50701 Annex G, we help suppliers consolidate existing scattered documents into an auditable argument chain that meets the review requirements of Tier 1 customers and certification bodies, aiming to complete the initial framework within 90 days.
- Developing a TARA Process for AI Perception Components: We assist Taiwanese suppliers of ADAS/AD components in establishing a Threat Analysis and Risk Assessment (TARA) process that covers the behavioral boundaries of deep learning models, ensuring the cybersecurity case addresses the emerging requirements of ISO/SAE 21434 for AI-related threats.
- Implementing TISAX Certification and Establishing Continuous Compliance Mechanisms: Winners Consulting provides end-to-end guidance, from TISAX gap analysis and system design to on-site audit preparation. We help Taiwanese companies establish a management system compliant with TISAX AL2/AL3 within 7 to 12 months, while also ensuring compliance with the supply chain cybersecurity management requirements of UNECE WP.29 R155.
Winners Consulting Services Co., Ltd. offers a Free Automotive Cybersecurity Mechanism Diagnosis to help Taiwanese companies establish a TISAX-compliant management system in 7 to 12 months.
Frequently Asked Questions
- What is a 'Trust Case,' and how does it differ from the cybersecurity case in ISO/SAE 21434?
- A 'Trust Case' is a supplementary framework proposed by Jenssen et al. in 2023 to address the shortcomings of existing safety and cybersecurity cases in building public trust. While the security assurance case required by ISO/SAE 21434 focuses on technical arguments and regulatory compliance for an audience of engineers and certification bodies, a Trust Case explains AI decision-making logic, failure response mechanisms, and organizational accountability in layperson's terms. They are complementary, not replacements: compliance documents answer 'Is it compliant?', while a Trust Case answers 'Why is it trustworthy?'. For Taiwanese suppliers, understanding this distinction provides a competitive edge in customer audits and supplier evaluations as European client expectations rise.
- What are the most common compliance challenges for Taiwanese companies implementing ISO/SAE 21434?
- Taiwanese suppliers face three main challenges when implementing ISO/SAE 21434. First, Clause 15 requires a complete security assurance case, but most companies lack structured argumentation documents. Second, the TARA (Threat Analysis and Risk Assessment) process needs to be managed across the supply chain, yet Taiwanese Tier 2/3 suppliers often lack mechanisms to cascade security requirements upstream. Third, post-production incident response processes are commonly underdeveloped, despite UNECE WP.29 R155 requiring continuous monitoring capabilities for OEMs and their supply chains. Winners Consulting recommends that companies prioritize an ISO/SAE 21434 gap analysis to identify discrepancies between current processes and standard requirements as the starting point for a compliance roadmap.
- What are the core requirements of TISAX certification, and how can Taiwanese companies plan their implementation?
- TISAX (Trusted Information Security Assessment Exchange) is the European automotive industry's information security standard, based on the VDA ISA questionnaire with three protection levels: AL1, AL2, and AL3. Taiwanese suppliers typically need AL2, while those handling highly confidential design data require AL3. A recommended implementation plan is: Months 1-3 for gap analysis and assessment; Months 4-6 for establishing management systems and documentation; Months 7-9 for internal pre-audits and remediation; and Months 10-12 for the formal assessment by an ENX-accredited body. The results can be shared with European OEMs via the ENX Portal, making it a crucial ticket to the European supply chain and highly complementary to ISO/SAE 21434 and UNECE WP.29 R155 requirements.
- What resources are needed to create a safety case for autonomous driving, and what are the expected benefits?
- Creating a complete security assurance case compliant with ISO/SAE 21434 typically requires a team of 3 to 6 cybersecurity engineering personnel over 6 to 9 months for a mid-sized Taiwanese supplier. If AI perception components are involved, an additional 20-30% of effort is needed for a TARA analysis covering deep learning model behaviors. The expected benefits include reducing requests for additional evidence during European customer audits, shortening supplier qualification (QA) cycles, and maintaining supply chain access after UNECE WP.29 R155 became mandatory for all new vehicle types in July 2024. Winners Consulting helps companies build the case framework in a modular way to effectively lower initial implementation costs.
- Why choose Winners Consulting Services for automotive cybersecurity (AUTO) matters?
- Winners Consulting Services Co., Ltd. specializes in automotive cybersecurity consulting for Taiwan's automotive supply chain, offering comprehensive services from ISO/SAE 21434 implementation and TISAX certification guidance to UNECE WP.29 compliance planning. Our team has a deep understanding of the automotive V-Model development lifecycle and TARA methodology, enabling us to translate cutting-edge academic frameworks like the 'Trust Case' into actionable solutions for Taiwanese companies. We help clients achieve TISAX certification within 7 to 12 months, starting with a free automotive cybersecurity mechanism diagnosis. We are a reliable partner for entering the European market, balancing the dual goals of achieving compliance and building long-term trust.