This is 40th webinar of Automotive Security Research Group. It will be available for all of more than 5900 members worldwide.
What to expect
Dr. Christof Ebert, managing director of Vector Consulting Services will present on Security Testing– From TARA, Test Coverage and Regression Strategies.
Cybersecurity is indispensable. The annual Vector client survey has pushed it as a top challenge. Security must be integrated to the life-cycle of product development and also after-market services. This webinar introduces security testing, and how to make it efficient.
Security verification and validation must combine a variety of techniques from static analysis to fuzzing and PenTest. While brute-force testing might sound appealing and easy to apply for detection of weakness at any place, it is expensive, inefficient and time consuming. Grey-box security testing starts with a mini-TARA and on this basis, we identify the attack vectors and focus our testing based on identified assets and risks. By this way we provide the system owners/manufacturers efficient, effective and foreseeable results in a shorter time range. The described cybersecurity testing provides several advantages, namely:
- Risk-based testing with a tailored and thus efficient grey-box methodology - Easy to understand, asset related results with a clear structure - Prioritized list of findings based on the impact categories
In this industry practice presentation, we will show practical usage. An industry case study from the medical domain will illustrate hands-on how to secure products, both for new and legacy architectures
Do you need to harden your systems against attacks from inside or outside?
Do you want to implement the state of practice methods and tools for integrated cybersecurity?
Are standards such as ISO 27001 (IT Security), ISO 21434 and SAE J3061 (automotive security) or ISO 15408 (common criteria for cybersecurity) and UNECE (SUMS and CSMS) relevant in your environment?
Cybersecurity is of a growing concern across industries. Security is absolutely mission-critical in most environments, because systems are increasingly open for external penetration and because attackers are eager to hack. Even worse security directly impacts functionality, user experience and safety, and thus has become subject to product liability. For instance, functional safety is not feasible without a concise approach to cover cybersecurity.
Based on the specific challenges of security, companies must ensure effective protection against manipulations of electronic systems. Key points in the development of protected systems are the proper identification of security requirements, the systematic realization of security functions, and a security validation to demonstrate that security requirements have been met.