Automotive Cybersecurity

Security Audit Service of Connected Cars

Modern vehicles are increasingly complex, with articulated electrical and electronic architectures in constant evolution. This also depends on the adoption of new electrified systems, such as electric powertrains, active safety systems, and ADAS systems. In addition, vehicles are increasingly connected to each other and to external devices and networks, such as smartphones, PCs, diagnostic systems, Wi-Fi networks, smart pillars and barriers.

These innovations require users to be protected and secure from possible cyber attacks or illicit activities.

European homologation directives took into account the benefits and risks of the technology and its rapid development, and introduced ECE R155 and ECE R156, which set the rules for the development of products and systems to ensure an appropriate level of cybersecurity in accordance with best practices.

Automotive cybersecurity is concerned with defending all critical elements of the vehicle from cyber threats. To do this, a security assesment must be conducted, which is used to identify and assess the risks associated with the connected-car Internet connection.

Best Practice

IMQ Group is a leader in compliance verification in Europe and understands the benefits of best-practice strategies to address these challenges. The wide range of services offered by group companies, including threat and risk analysis, as well as functional and technical security concepts, allows us to develop a holistic approach.

Automotive Cybersecurity

The activities of Automotive Cybersecurity offered by IMQ, a Group Company, on on-board internet systems of the new connected car have in common the aim to contribute to the client a detailed knowledge on the safety status of their IT systems.

Which is the best approach for automotive cyber security?

CSI and IMQ Minded Security, together with qualified IMQ Group external partners, can guide you through all phases of the secure vehicle development life cycle, with the goal of being compliant with new cybersecurity standards.

The security services for the automotive sector offered by the IMQ Group include the following:

Architecture Threat Modeling - IMQ Minded Security can support businesses in reviewing the Architecture, evaluating the threat modelling assessment.
Secure Design - reviewing Design activity of software components in order to identify design flaws that can be used to attack the application logic.
Security Requirements - guiding principles for a safe development for all the framework used during the software creation.
Security Assessment - safety assessment regarding the activity of Penetration testing, Runtime analysis and fuzz testing, Manual Secure Code Review and Mobile Security Assessment.
Fixing support - to guarantee an effective implementation of countermeasures to identified vulnerabilities.
Training in order to improve the company safety knowledge, mandatory to create always safer software.
ECE R155 and ECER156 certification.

The CAE service of CSI provides a full support to customers during all the vehicle development phases, from the Concept to the Homogolation/Self-Certification. CSI, known internationally as Euro NCAP laboratory and as a competence hub, with high experienced know-how and skills in the automotive field, offers its experience in the management of turn-key projects with a team of professionals assigned to the project. The BU Conformity Assessment of CSI offers certification, inspection, testing and training services specific for the Automotive Sector. The training courses done by IMQ Group are a reference point in the training and continuing education of professionals and companies technical personeel for years. The cyber security in the automotive field impacts the protection of all the important elements in the vehicle from the treats to the IT safety: a cyber security assessment is required to analyse all the dangers and evaluate risks linked to the exposure to internet of the connected-car.