UNR 155 states to verify application of vehicle & controller cybersecurity with cybersecurity test, and ISO/SAE 21434 recommends to perform cybersecurity test by
cybersecurity professional independent from development organization.
Cybersecurity test require know-hows in test design and testing using cybersecurity knowledge and equipment
How should we validate various Cybersecurity tests required by OEMs?
-
I do not know how to do cybersecurity test.
-
OEMs ask for cybersecurity test result performed by cybersecurity professional, but it’s hard to do without the professional people and device.
-
It's difficult to check vulnerabilities in various aspects.
-
There are many projects that require cybersecurity test but lack human resources.
Validate your controller with Cybersecurity testing performed by experts.
-
- Operate internal FESCARO Red team
-
- Cybersecurity test know-how of White hacker group
- Professional device for cybersecurity test
(Fuzzing tool, Reversing device, Signal analyzing device, etc.)
-
- Systematic test procedures, device & know-how
-
- Performed cybersecurity test for various vehicle controllers for many years
- Drafted & Performed cybersecurity function test spec for Global OEM
- Performed cybersecurity test for both low and high performance controllers
-
- Regulation(UNR 155) & Global Standard satisfactory test method
-
- Cybersecurity verification
(Static analysis, Dynamic verification, cybersecurity function verification) - Fuzzing test, Penetration Test
- Cybersecurity verification
Make sure that the Cybersecurity features are properly applied and
there are no Cybersecurity vulnerabilities.
there are no Cybersecurity vulnerabilities.
- Vulnerability scanning : Automated vulnerability testing for identifying known vulnerabilities in OS of AP or RTOS of MCU and etc.
- Fuzz testing : Testing to identify error/vulnerability by injecting random data
- Penetration testing : Testing to perform attacks exploiting known vulnerabilities and to derive unknown vulnerabilities