Ensure your product and processes are compliant with Automotive and Cybersecurity regulations and standards
Through the Software Defined Vehicle concept, Cybersecurity plays a significant role in vehicle safety, ensuring privacy and availability of systems. However, Cybersecurity no longer applies to Embedded Software systems alone. The recent UNECE regulations require that car manufacturers must implement management systems and have them audited for Cybersecurity by independent parties.
As part of our services, we design and deploy CySec processes and analyse the existing ones. We support the development of Embedded Software products according to the current Automotive and Cybersecurity regulations and standards. We also design and implement Cyber-software features.
HOW WE CAN HELP
Cybersecurity process design and engineering services
Our services range from performing Automotive Cybersecurity analyses and audits to designing and developing security solutions and processes.
- CSMS strategy
- Gap analysis and improvements
- CSMS process design, definition and deployment
- CSMS pilot projects execution
- Tooling selection and adaptation
- Cybersecurity analyses, such as TARA, VA acc. to ISO21434
- Cybersecurity Concept definition
- System and software development compliant with ISO21434/UN R155
- Project Cybersecurity management
- Compiling Cybersecurity specifications
- Embedded testing (fuzzy, pentests, static)
- Backend pentests
- Software update or software update management system (SUMS, R156)
Development and Test Environment
- Design and implementation of a development environment compliant with ASPICE, Cybersecurity and Functional Safety requirements
- Definition and implementation of KPI measurement
- Cybersecurity tooling integration and adoption to existing CI/CD
How we do it
Our unified approach merges the ASPICE framework and Cybersecurity requirements of ISO 21434 and UNECE regulations, which in most Automotive software development projects go hand in hand. We established the process based on our internal FOTA project.
Our work process is designed to meet your unique needs
We approach each client case individually, adjusting our process to specific needs. By understanding the unique challenges and objectives of every project, we can deliver the best results possible. Our team of experts collaborates closely with clients, fostering a transparent and communicative partnership.
- Senior engineers
- Domain experts
- Highly flexible
- Closed work package handled by Spyrosoft
- Set of experts needed to deliver the work package
- Identify work packages plan and ensure execution and compliance with international or customer standards
THE ADVANTAGES WE OFFER
What makes us a reliable partner?
3-5 years of experience in the field of Cybersecurity in Embedded Systems
In-depth knowledge of ISO 21434, TISAX and 27k1
One, integrated framework for ASPICE, FUSA and Cybersecurity
Custom-fit approach to each client
Meet our experts
I am a certificated Automotive Consultant with over 15 years of experience in the computer software industry. I have extensive experience in Kaizen, Electronics, Automotive, R&D and Manufacturing gained by working with leading IT companies in Europe. I am also an accomplished professional with an executive MBA focused in Business Administration, Management and Operations from Polish Open University. At Spyrosoft, I support key clients from the Automotive business unit in implementing Functional Safety solutions.
Meet our experts
I am a certified Automotive Cybersecurity Engineer with a background in Embedded C. I have extensive experience in Cybersecurity processes, including performing Threat and Risk Assessments (TARAs) and developing Cybersecurity Concepts for embedded systems. Additionally, I am proficient in designing security solutions both within and outside developed ECUs, employing cryptography and other security principles.
Meet our experts
I have worked as a Cybersecurity Subject Matter Expert (SME) with hands-on experience in Embedded Security Design and Development, using Embedded C. I also have experience in Requirements Engineering and have served as the Single Point of Contact (SPOC) for customers regarding technical topics. I’ve managed multiple components (ECUs) for end-to-end Cybersecurity Lifecycle activities and have practical experience in team management, Cybersecurity planning, and execution.
FOTA is our internal project, which aims to achieve the Cybersecurity work products implementation framework as per the CSMS process, in compliance with ISO 21434 and Spyrosoft-specific policies and procedures, also seamlessly merged with ASPICE.
FOTA demonstrates that it’s possible to create a unified process that can serve customer-specific needs and leads to achieving the required protection, while meeting all the industry-specific requirements.