“Security is like the brakes of your car. It slows you down but it also enables you to go a lot faster.”
The trend towards connected products is giving rise to innovative features – and also to the possibility of malicious attacks, particularly from faraway hackers.
As an engineering partner, we put our cyber security expertise at your disposal and develop secure connected products that fit your enterprise. Startup or corporate giant, we deliver sized to suit your business and industry.
Cybersecurity check-up: How secure are your products? Security is a big deal when companies set out to develop products, but key questions about how to design and build in security often go unanswered. How much should you invest to achieve the appropriate level of security? Where do you start? What steps will you have to take? If you want to make informed decisions and avoid needless investments, a check-up is an excellent idea.
Baseline cybersecurity concept: How do you build ‘secure’ architecture? The idea behind a baseline cybersecurity concept is to factor security into the equation during the initial design phase when you go to select architecture and hardware. Called security by design, this approach often mitigates the risks that may arise later when security measures are put into practice. The baseline cybersecurity concept is no substitute for a detailed risk analysis and properly developed roadmap, but it does anticipate project-related risks and helps make the system ‘security-ready.’
Identification of hardware requirements
What does ‘secure’ actually mean? Security is always context-specific. For example, confidentiality is imperative for passwords, but irrelevant for public messages. A risk analysis serves to identify appropriate security objectives, pinpoint a system’s potential vulnerabilities, and assesses the associated risk. Our experts team up with yours to assess risk and draw up a list of prioritized vulnerabilities. This assessment then serves to guide your decisions regarding the cybersecurity concept.
Definition of cyber security goals
Hazard scenario identification
Attack tree modelling
What security mechanisms do you need? We will work with you to develop a concept for a security architecture engineered to meet the defined security goals and outline the requirements for implementation. Once we jointly finalize the concept, we can specify the appropriate requirements.
Security concept development
Secure onboard communication
How do you actually implement security mechanisms ‘securely’? Even if the concept and specifications are indeed secure, software vulnerabilities can easily compromise the overall system’s protection. This is why it is so important for developers to rule out all software vulnerabilities – that is, in the components that implement security mechanisms and in all other software – to afford proper protection against hackers. We rely on secure coding practices and semi-automated code analysis to ensure code conformity.
Cryptographic library integration
Source code hardening
Have any chinks in the armor, any opportunities for attacks been overlooked? Software has to be tested to confirm its reliability, and the same goes for secure systems. We use state-of-the-art methods and tools to test systems for vulnerabilities that an attacker could exploit and explore your options for fixing these vulnerabilities.
Product security is one concern, but companies also have to adopt cybersecurity processes and methods to obtain reproducible results. A recurring challenge is that security processes typically have dependencies and goals that conflict with those of other processes. Take of advantage of the vast experience we have gained with our in-house cybersecurity engineering process. We help you establish new security processes and methods. Rest assured, we will factor your requirements, technical constraints, and legacy processes into the security equation.
Process consulting (e.g. ISO/SAE 21434, IEC 62443)
Safety / security interaction
Enforcing security on a technical level
Cyber security affects all industries that work with embedded systems. Learn more about specific technical security aspects that we typically work on and tailor to the technical as well as non-technical objectives of our customers.
Cyber security is relevant to all sectors that work with embedded systems. Our cross-domain expertise is a great asset here. It enables us to take advantage of synergies and port security solutions and methods from other sectors into your solution.
We know how to secure embedded systems and connected products, and this cyber security skill-set features prominently on our YouTube channel. Regulatory issues such as ISO/SAE 214343 and UNECE are also a hot topic. To learn more, be sure to check out our YouTube channel.
Learning from other domains and developing secure systems
Our experts’ insight into state-of-the-art security technology and methodology runs deep and ranges wide, from automotive and manufacturing use cases to medical engineering. Drawing on this powerful set of synergies, domain expertise, and engineering skills, we develop standards-compliant solutions. And the solution tailored for you will be built in teamwork with you. Our tool- and product-independent approach lets you enjoy the benefits of unbiased advice and optimized engineering services tuned precisely to meet your needs.