Automotive

Compliance with WP29 and ISO/SAE 21434

Support you in your path of compliance with Cyber security Regulations and standards. Whether you are an OEM, tier-1 supplier or other company in the Automotive world, we are the reference in designing secure embedded products.

From a Cyber Risk assessment all the way down to securing your manufacturing production line.

Deploying a state of the art approche and assuring regulation compliance with achieving your target type approval as our goal.

We provide you with the needed support to produce your security deliverables and work products to be compliant with the ISO/SAE 21434 (Annex A).

These deliverables and work products can be as follows:

• Cybersecurity Plan
• TARA
• Cybersecurity Specification
• Security Development Interface Agreement
• Cybersecurity Case

And much more.

Deploying an effective Product Security Program

As cyber security challenges and threats are increasing every day, Cyber security regulation has been enforced up on companies working in the automotive industry.

Without having a defined cyber security strategy, time and money will be lost trying to achieve regulation compliance and an effective security posture for your organization.

Hence, we are here to support you in defining your security strategy, deploying your Product Security Program in a strategic way ensuring that you  achieve your goals, reducing your costs and having the best security posture for your products.

CSMS (Cyber Security Management System)

An automotive cybersecurity management system assessment is important because it ensures that a company’s cybersecurity processes are robust and up to standards.

Without providing evidence of a CSMS, automotive manufacturers and suppliers will not be able to gain type approval and sell their products.

Whether you are an OEM or Tier-1 Supplier you will need to deploy and certify your CSMS. As experts in the field, We are here to support you in your adventure of creating and certifying your CSMS.

Secure Product Design and Implementation

ECUs and other embedded RTOS systems in the automotive industry demand a high level of skill sets and know-how as they requisite expertise in Real Time system, Embedded system, Software design, Hardware design, telecommunication and network.

Above all of these domain comme the cyber security with it domains of speciality:

• Risk Management
• Asset Security
• Security Architecture and Engineering
• Communication and Network Security
• Identity and Access Management
• Secure Software Development
• Security Operation
• Security Assessment and Testing

Security experts with all of these prerequisite expertise are very rare. Whether you are following ASPICE, CLEAN, V-cycle or any other product development life-cycle, our experts have in-depth knowledge and expertise in these domains and are here to guide you through your products development phases from the start all the way to the production.

Cyber Security Product Maintenance

Cyber security maintenance of your product is something mandatory that all OEMs are requesting for a long period of time to ensure the security of their vehicle during its life cycle.

This activity require special capabilities like :

• Maintaining the development environment
• Conducting Active Security Monitoring
• Executing Vulnerability Analysis
• Doing Incident Management
• Issuing Security Advisors

Products tend to be forgotten after they were shipped to the client and keeping expertise on niche topics is quite difficult. Hence we are providing our services to handle these complex topics and ensuring that you focus on your innovation in new projects and technologies.

Product Security Monitoring and Vulnerability Management

Regulation and interactional standards like the WP.27 and the ISO/SAE 21434 request the deployment of processes and mechanisms to ensure that the products and vehicles shipped to customers maintain their security level.

These processes and activities can be divided in to the following categories:

• Continuous security monitoring of cybersecurity events.
• Vulnerability Analysis
• Vulnerability Management
• Incident Management

All these security activities ensure the security and safety of the end users and drastically reduce the risk of cyber attacks on ECUs, Domain controllers and other electronics systems in the cars.

By compliant to these regulations and standards, you reduce your risks of amendment and penalties in case of a cyber attack on one or several products of yours.

We offer you our expertise in these topics and guide you through the deployment of your processes all the way down to compliance.

We offer as well our service to deploy these services on your behalf throughout your products life cycle.

Production and Plant Security

Product production is complex and errors are very costly. Whether its Flashing Firmwares or binaries, communication to third parties, connection to R&D sits or other activities, all of these activities in a secure product development need to be at the same time secured and supported for security operation.

We are providing our expertise to support you for all of these operations:

• ICS/SCADA Infrastructure security
• Cryptographic key management (e.g. PKI, KMS, HSM)
• Secure Flashing
• Secure product enrollment
• Secure connection and communication
• Secure product activation
• Secure warranty return management

Training and awareness

Whether you are Project manager that need to handle security customer requirements, whether you’re a department manager that want to handle cyber security regulation, whether you are an automotive engineer that want to start a career in automotive cyber security or any other person who is interested in automotive cybersecurity regulation and standards, you have just found what you were searching for.

We are proposing  the following trainings that shall satisfies your needs and above: