FSOFT become the First Company in Southeast Asia to attain ISO/SAE 21434

FSOFT have officially become the first company in Southeast Asia to achieve ISO/SAE 21434 certification—an international standard for cybersecurity in road vehicles. This milestone not only demonstrates FA’s technical capabilities but also reaffirms the company’s commitment to meeting the stringent cybersecurity requirements of the global automotive market. 

ISO/SAE 21434 was jointly developed by the International Organization for Standardization (ISO) and the Society of Automotive Engineers (SAE) International. The standard establishes guidelines for managing cybersecurity risks in vehicles. It is a highly demanding technical requirement encompassing 45 security domains, known as work products, each with its own set of requirements. These domains cover every aspect of designing electrical and electronic systems for road vehicles, from ICs and software to firmware and libraries. 

To achieve this certification, FA made significant investments in training and upskilling its engineering team. 20 FA engineers completed intensive courses and earned Cyber Security Engineer certifications—one of the key prerequisites to ensuring a highly skilled workforce capable of executing automotive cybersecurity projects in compliance with international standards. 

In addition, FA has built a comprehensive Quality Management System (QMS) that includes 67 newly developed process documents within a short timeframe. This system enables FA to effectively manage cybersecurity risks and fully comply with the ISO/SAE 21434 certification requirements. 

According to Ms. Đinh Thị Phương Mai, a member of the project team, a core team of 10 members worked tirelessly for seven months to complete the necessary tasks for FA to attain certification. She highlighted that the biggest challenge was that this certification was entirely new, requiring the team to simultaneously train personnel and execute processes to build a solid capability framework. The close collaboration between multiple departments, including SEPG, ISMS, and FSA, played a crucial role in achieving this milestone. 

Omnex, the certification body, conducted the evaluation and officially granted the certification to FA, recognizing both the team’s technical expertise and dedication. However, achieving the certification is just the beginning. FA will continue implementing this standard in real-world projects while maintaining and refining company processes through annual audits. 

In fact, since 2021, FA has been engaged in automotive cybersecurity projects with major OEMs and Tier 1 suppliers in Europe. Obtaining ISO/SAE 21434 certification not only strengthens FA’s credibility in automotive cybersecurity but also paves the way for deeper penetration into the European market—known for its rigorous process and information security standards.