arrow_circle_right AUTOMOTIVE CYBERSECURITY

We combine ASPICE and Cybersecurity in one seamless framework

Presentation about automotive cybersecurity

Ensure your product and processes are in line with Automotive and Cybersecurity standards

Through the Software Defined Vehicle concept, Cybersecurity plays a significant role in vehicle safety, ensuring privacy and availability of systems. However, Cybersecurity no longer applies to Embedded Software systems alone. The recent UNECE regulations require that car manufacturers must implement management systems and have them audited for Cybersecurity by independent parties 

As part of our services, we design and deploy CySec processes and analyse the existing ones. We support the development of Embedded Software products according to the current Automotive and Cybersecurity regulations and standards. We also design and implement Cyber-software features. 

arrow_circle_right HOW WE CAN HELP

Cybersecurity process design and engineering services

Our services range from performing Automotive Cybersecurity analyses and audits to designing and developing security solutions and processes. 

account_tree

CSMS Process

  • CSMS strategy
  • Gap analysis and improvements
  • CSMS process design, definition and deployment
  • CSMS pilot projects execution
  • Tooling selection and adaptation
code

Product Development

  • Cybersecurity analyses, such as TARA, VA acc. to ISO21434
  • Cybersecurity Concept definition
  • System and software development compliant with ISO21434/UN R155
  • Project Cybersecurity management
  • Compiling Cybersecurity specifications
  • Embedded testing (fuzzy, pentests, static)
  • Backend pentests
  • Software update or software update management system (SUMS, R156)
terminal

Development and Test Environment

  • Design and implementation of a development environment compliant with ASPICE, Cybersecurity and Functional Safety requirements
  • Definition and implementation of KPI measurement
  • Cybersecurity tooling integration and adoption to existing CI/CD
Workshop regarding automotive cybersecurity

How we do it 

Our unified approach merges the ASPICE framework and Cybersecurity requirements of ISO 21434 and UNECE regulations, which in most Automotive software development projects go hand in hand. We established the process based on our internal FOTA project.  

READ ABOUT FOTA

Our work process is designed to meet your unique needs

We approach each client case individually, adjusting our process to specific needs. By understanding the unique challenges and objectives of every project, we can deliver the best results possible. Our team of experts collaborates closely with clients, fostering a transparent and communicative partnership.

engineering

Experts

• Senior engineers
• Domain experts
• Highly flexible

Laptop or VDI access to customer environment (usually 1–2 weeks)

deployed_code

Work package

• Closed work package handled by Spyrosoft
• Set of experts needed to deliver the work package

Communication channels, access to experts, project handbook, process definition (usually 2–3 weeks)

sweep

Service

• Identify work packages plan and ensure execution and compliance with international or customer standards

Communication channels, access to experts, project handbook, process definition (start with key experts in 2–3 weeks, full team within 1 month)

arrow_circle_right THE ADVANTAGES WE OFFER

What makes us a reliable partner?

counter_1

3-5 years of experience in the field of Cybersecurity in Embedded Systems

counter_2

In-depth knowledge of ISO 21434, TISAX and 27k1

counter_3

One, integrated framework for ASPICE, FUSA and Cybersecurity

counter_4

Custom-fit approach to each client

arrow_circle_right Our team

Meet our experts

Tomasz Lokietek

Tomasz Lokietek

Head of Embedded Functional Safety and Cybersecurity

I am a certificated Automotive Consultant with over 15 years of experience in the computer software industry. I have extensive experience in Kaizen, Electronics, Automotive, R&D and Manufacturing gained by working with leading IT companies in Europe. I am also an accomplished professional with an executive MBA focused in Business Administration, Management and Operations from Polish Open University. At Spyrosoft, I support key clients from the Automotive business unit in implementing Functional Safety solutions.

Karol Zagrodzki

Karol Zagrodzki

Embedded Security Engineer

I am a certified Automotive Cybersecurity Engineer with a background in Embedded C. I have extensive experience in Cybersecurity processes, including performing Threat Analysis and Risk Assessments (TARAs) and developing Cybersecurity Concepts for embedded systems. Additionally, I am proficient in designing security solutions both within and outside developed ECUs, employing cryptography and other security principles.

Srikanth Pulluri

Srikanth Pulluri

Senior Cybersecurity Manager

I have worked as a Cybersecurity Subject Matter Expert (SME) with hands-on experience in Embedded Security Design and Development, using Embedded C. I also have experience in Requirements Engineering and have served as the Single Point of Contact (SPOC) for customers regarding technical topics. I’ve managed multiple components (ECUs) for end-to-end Cybersecurity Lifecycle activities and have practical experience in team management, Cybersecurity planning, and execution.

HUD and hologram screens and infotainment system as wide banner

arrow_circle_right CASE STUDY

Project FOTA

FOTA is our internal project, which aims to achieve the Cybersecurity work products implementation framework as per the CSMS process, in compliance with ISO 21434 and Spyrosoft-specific policies and procedures, also seamlessly merged with ASPICE.

FOTA demonstrates that it’s possible to create a unified process that can serve customer-specific needs and leads to achieving the required protection, while meeting all the industry-specific requirements.

READ FULL CASE STUDY

arrow_circle_rightContact us

Ensure your project and processes follow the ASPICE standard and meet the Cybersecurity requirements of ISO 21434 and UNECE

Tomasz Lokietek

Tomasz Lokietek

Head of Embedded Functional Safety and Cybersecurity