The ISO/SAE 21434 standard is an important reference for building cybersecurity and resilience for vehicle manufacturing. However, simply introducing a cybersecurity solution does not improve resilience, but rather requires a planned approach.

It is difficult to plan a system with good cybersecurity resilience if inconsistent information exists during the design, implementation, and verification phases. Therefore, we propose a framework for importing an attack knowledge base, which can help synchronize the information in different phases and achieve consistent information delivery. An attack knowledge base is a database for recording and organizing information security attacks that can help automakers more accurately assess threats and provide feasible solutions during the design, implementation, and verification phases. We will discuss in detail how to introduce the framework of the attack knowledge base and discuss its contribution to cybersecurity resilience in the automotive industry with case studies.