본문바로가기

BUSINESS

Future Mobility Software Solutions Partner

SCROLL DOWN

Automakers(OEM) shall check Cybersecurity Management System(CSMS) of its suppliers to obtain regulation(UNR 155) certification.
Controller developers(Tier) shall provide evidence that they are competent in handling cybersecurity through CIA(Cybersecurity Interface Agreement).
As CSMS can be reused for a number of global OEMs, proper initial establishment is critical.

How should we prepare for OEM’s CSMS Audit?

  • I do not know to what extent, I should prepare to meet the OEM requirement.

  • I do not know how to make the Work Products.

  • I would like to utilize the system we already have.

  • I would like to satisfy requirements of all OEM if possible.

With FESCARO, enhance the value
and quality of controllers through CSMS certification.
  • 사이버보안 전문 컨설팅 조직 운영
    Operate professional Cybersecurity consulting organization
    • Analyzed & understands Regulation(UNR 155, UNR 156)
    • Analyzed & understands International Standard
      (ISO/SAE 21434, ISO 24089)
    • A-SPICE, ISO 26262 consulting competent
  • 국제 법규(UNR 155) 및 표준(ISO/SAE 21434) 인증 대응
    Respond to Regulation(UNR 155) &
    Standard(ISO/SAE 21434) certification
    • Completed consulting & certification for
      Global automotive OEM and ECU manufacturer
    • Offer work products(Approx. 50 types) & templates required for certification
    • Cooperative system with certification authorities for certification
  • 법규(UNR 155) 및 글로벌 표준을 만족하는 테스트 방법론 보유
    Experienced consulting for global tiers
    • Understand the needs in both Automotive OEM & Tier POV
    • Optimized consulting considering OEM requirement & current status
    • Applicable guideline for Design/Verification/Production/Operation
Comply with regulations effectively.
Work Product
  • Organizational
    Cybersecurity
    Management
    • Cybersecurity policy, rule and process
    • Evidence for competence management, awareness management & continuous improvement
    • Evidence for organization management system
    • Organizational cybersecurity audit report
  • Project
    Dependent Cybersecurity Management
    • Cybersecurity plan
    • Cybersecurity case
    • Cybersecurity assessment report
    • Release for post-production report
  • Distributed
    Cybersecurity Management
    • Cybersecurity Interface Agreement
  • Continuous
    Cybersecurity Activities
    • List of sources for cybersecurity monitoring
    • Cybersecurity event report
    • Vulnerability analysis & management
  • Concept Phase
    • Item definition
    • Threat Analysis & Risk Assessment(TARA)
    • Cybersecurity concept
    • TARA & concept verification report
  • Product Development Phase
    • Refined cybersecurity specification
    • Cybersecurity specification verification report
    • Documentation of the modelling, design or programming languages and coding guidelines
    • Integration and verification report
  • Production
    • Production control plan
  • Operation & Maintenance
    • Cybersecurity incident response plan
CONTACT USquestion_mark

SITEMAP