Automotive

Project FOTA: a seamless approach to security

As connected vehicles grow more complex, automotive companies must ensure cybersecurity across the entire lifecycle. We developed a unified framework integrating safety and security requirements, enabling reusable cybersecurity work products for future projects.

arrow_circle_right Project FOTA

About the client

Automakers, suppliers, and other stakeholders in the automotive industry addressing cybersecurity risks in increasingly connected vehicles.

Industry: 

Automotive

Services

Automotive safety

Cybersecurity

Embedded software security development

Technologies

ASPICE
CSMS (Cybersecurity Management System)

Automotive safety and security compliance

At Spyrosoft, we provide end-to-end automotive cybersecurity services: we design and deploy cybersecurity processes and analyse the existing ones, support the development of embedded software products according to the current automotive and cybersecurity regulations and standards, as well as design and implement cyber-software features. 

Since the cybersecurity requirements of ISO 21434 and UNECE regulations go hand in hand with the ASPICE framework in most automotive software development projects, we established a unified approach that merges all the requirements. The process was designed based on our internal FOTA project.

Challenge and business need

CSMS FOTA is Spyrosoft’s internal project in the area of automotive cybersecurity. The key objective is to achieve the cybersecurity work products implementation framework as per the CSMS process, in compliance with ISO 21434 and Spyrosoft-specific policies and procedures.

The framework is developed in such a way that it can be reused for customers with minimal modifications.

Our responsibilities

The project was developed in two phases.

Concept phase:

      • Item definition for CSMS FOTA
      • Threat analysis and risk assessment within the Item definition
      • Cybersecurity goals to be achieved to protect CSMS FOTA component from unintended security breaches
      • Cybersecurity concept (derivation of high-level operational requirements to protect CSMS FOTA component)

      Product development phase:

      • Cybersecurity specification derivation (system & software)
      • Security design (HLD & LLD)
      • Cybersecurity implementation (configurations & algorithms)
      • Vulnerability analysis and management (specification, design, code, verification and validation)
      • Cybersecurity verification and validation for all levels (concept, specification, design, implementation)

      The result

      FOTA demonstrates that it’s possible to create an effective process that can serve customer-specific cybersecurity needs and lead to achieving required protection, while meeting industry-specific standards, such as ASPICE.

      arrow_circle_right Our work

      See other success stories of our clients

      Aerial view of a large highway interchange with multiple curved overpasses and heavy traffic flowing through a dense urban area.

      Automotive

      Hazard analysis and risk assessment in automotive

      Automotive

      Roborace: in search of the car of the future

      Automotive

      Prototyping the engine of the future

      See more case studies

      arrow_circle_rightContact us

      Interested in working together? Get in touch.

      Paweł Grygiel

      Pawel Grygiel

      Director of Automotive

      +48 504 758 786