As an expert lab in embedded systems security evaluations and penetration testing, we support the automotive industry evaluating components and systems resilience against state-of-the-art cybersecurity attacks, at a hardware, software, communications and cryptographic level.
New vehicles are increasingly made up of a network of IT components that communicate internally, using wired and wireless interfaces (CAN, LIN or Auto Ethernet), and externally, with telematics services, EV charging systems, and intelligent driving systems.
Automotive Tier 1 suppliers are responsible for developing most of the cybersecurity-critical components embedded in a car. OEMs require guarantees that adequate protections and countermeasures are in place to ensure product resilience against potential attackers.
The automotive standards and regulations ecosystem for cybersecurity in vehicles and components is still under development. UNECE WP.29 is the only mandatory regulation in place, while OEMs have a myriad of sectoral standards and best practices available to set up the cybersecurity requirements passed by Tier 1s.
In order to demonstrate components’ resilience against state-of-the-art attacks, OEMs and Tier 1 manufacturers can turn to specialized security laboratories to evaluate their products.
Applus+ IT labs have a strong record of accomplishments evaluating embedded components’ security at hardware, software, communications, and cryptographic level. We have expertise with the complete OSI stack, from system boot to intersystem communications. This bird’s eye view allows us to assess complex systems with a high level of assurance.
We can tailor the evaluation effort in accordance to the desired level of assurance (basic, moderate and complete assurance). Evaluation targets ranges from single components (SoC, HSM, PCB), to devices (ECU, TCU, OBC) to systems and networks (3GPP, Bluetooth, CAN, 100-BaseT1)
Open cybersecurity training and courses aimed at roles like system engineers, cybersecurity managers or software architects. Some examples of our training:
Note: Because Applus+ Laboratories is accredited as a third-party laboratory by several evaluation and certification schemes, and in order to guarantee its impartiality, Applus+ engineers are never involved in actual product development or solutions implementation.