Comprehensive protection for the entire product lifecycle
Every stage in a product’s lifecycle has to be covered by suitable security solutions.
If even one process phase remains vulnerable, the security of the entire system could be compromised.
From July 2022, new regulations will be compulsory for all new vehicle types, and for all new vehicles manufactured from July 2024. ESCRYPT helps manufacturers and suppliers to make their organization fit for the new cybersecurity requirements.
The type approval of vehicles will soon only be possible if a certified cybersecurity management system is in place. ESCRYPT supports manufacturers and suppliers to understand and implement the new cybersecurity requirements by conducting a vehicle type approval readiness assessment.
ESCRYPT’s security analysis lays the foundation for a secure product. But even if product development is further along, long product lifecycles often mean having to respond to new requirements or new security risks. ESCRYPT helps customers determine the data and functions to be protected, identify potential attacks and attackers, and define the appropriate protection requirements for all critical security risks. When necessary, ESCRYPT develops suitable adaptations for security implications.
ESCRYPT provides support in creating the security design for all the hardware and software security components needed for this architecture, as well as in designing any necessary security infrastructures and processes. The resulting specifications are tested to ensure that they meet protection requirements and, if needed, optimized once again.
Once the security architecture is in place, it is possible to add the security components and mechanisms specified, and define any necessary processes and guidelines. For this stage in the product lifecycle, ESCRYPT provides a wide range of predesigned security products, but it can also create software tailored to each customer’s needs and requirements.
ESCRYPT’s security test services always employ the latest testing and hacking methods to assess the effectiveness and performance of all the protective measures for the product. Upon request, we can also recommend follow-up improvements or even implement them directly.
The finished security components are securely integrated into the product, where they undergo configuration and initial activation. For all related questions and needs, ESCRYPT stands ready to provide expert support and advice. Upon request, ESCRYPT also offers security training for the customer’s employees who are responsible for the product. This customized training provides them with the necessary awareness of various issues and, if needed, improves their working knowledge of security.
ESCRYPT provides support both during the production phase and once security-critical products have been deployed in the field. This support may take the form of, for example, customized embedded PKI and key management solutions that can be produced on a large scale. Once the overall system has passed the mandatory security check, it is also possible to apply for official security certification. ESCRYPT’s security experts assist you throughout the entire certification process.