Your region/language settings differ from the requested site. Do you want to change to suggested region/language?
Your region/language settings differ from the requested site. Do you want to change to suggested region/language?
Your region/language settings differ from the requested site. Do you want to change to suggested region/language?
Your region/language settings differ from the requested site. Do you want to change to suggested region/language?
VectorConsulting Services

Automotive Cybersecurity

  • Do you need to harden your systems against attacks from inside or outside?
  • Do you want to implement the state of practice methods and tools for integrated cybersecurity?
  • Are standards such as ISO 27001 (IT Security), ISO 21434 and SAE J3061 (automotive security) or ISO 15408 (common criteria for cybersecurity) and UNECE (SUMS and CSMS) relevant in your environment?

Cybersecurity is of a growing concern across industries. Security is absolutely mission-critical in most environments, because systems are increasingly open for external penetration and because attackers are eager to hack. Even worse security directly impacts functionality, user experience and safety, and thus has become subject to product liability. For instance, functional safety is not feasible without a concise approach to cover cybersecurity.

Based on the specific challenges of security, companies must ensure effective protection against manipulations of electronic systems. Key points in the development of protected systems are the proper identification of security requirements, the systematic realization of security functions, and a security validation to demonstrate that security requirements have been met.

Our Solutions

Based on almost two decades of experience with Cybersecurity and Safety, Vector Consulting Services supports clients with:

  • Vector SecurityCheck with risk analysis (TARA), trade-off assessment, prioritized proposals, and security concept
  • Security testing with our own Penetration-Test lab
  • Supplier management and assessments for process and deliverables
  • Efficient implementation of ISO 21434 and related standards
  • CSMS and SUMS with UNECE standards R.155 for Cybersecurity Management System (CSMS) and R.156 Software Update Management System (SUMS)
  • Combining cybersecurity and functional safety with agile process frameworks and ASPICE
  • Methodology and tool support for security-oriented tests and resilience including code analysis and architecture evaluation
  • Interim Safety and Security Management to fill yur capacity and cometence gaps
  • Awareness training on cybersecurity with customized eLearning packages
  • Training and coaching of managers and developers to the effective implementation of cybersecurity

Your Benefits

Our expertise in practically working with many companies worldwide enables uniform and effective implementation of cybersecurity. By embedding professional cybersecurity methodology into the lifecycle, we ensure building the necessary competences and facilitate efficient yet thorough implementation.


ISO/SAE 21434 and Vector Solutions

Why ISO/SAE 21434
Scope of ISO/SAE 21434
We Offer

Cars are becoming more and more connected, and therefore vulnerable to the increasing cyber-attacks from the outside. This could severely threaten the safety of passengers and the public. However, the existing standards do not address the unique cybersecurity challenges in automotive engineering, e.g. safety, long life-cycle and use of embedded controllers. Thus, a uniformed guidelines and standards for automotive security need to be established.

ISO/SAE 21434 “Road vehicles – Cybersecurity engineering” is the future automotive security standard.  It is important for the automotive product development and all related processes.

The ISO/SAE 21434 will define common terminologies across the global automotive supply chain and drive industry consensus on key cybersecurity issues. It sets minimum criteria for vehicle cybersecurity engineering and provides a governance reference to point to for engineering quality.

Show more

The new ISO/SAE 21434 safeguards the entire development process and lifecycle of a road vehicle and promotes “security by design”. Following the V-model, it includes requirements engineering, design, specification, implementation, test and operation.

The ISO/SAE 21434 is therefore a process-oriented standard and helps define a structured process to ensure cybersecurity along the lifecycle. It will not prescribe specific cybersecurity technology, solutions or remediation methods.

Show more
  • Definition of development process and sustainable implementation in line with the new ISO/SAE 21434
  • Vector SecurityCheck with threat and risk analysis (TARA), trade-off assessment, prioritized proposals and initial methodical instructions
  • Security analyses and security concept for end-to-end safeguards
  • Development and specification of security requirements based on threat scenarios and Automotive Common Criteria
  • Security testing and verification with penetration test, Fuzz testing, code analysis and architecture evaluation
  • Methodology and tool support for security-oriented tests and resilience
  • Process assessments for your suppliers
  • Awareness training on cybersecurity and ISO/SAE 21434 for managers and developers
  • Training and coaching for managers and developers for the effective implementation of ISO/SAE 21434 across the life-cycle
  • Interim Safety and Security Manager


Show more

Customer Reference

"Vector Consulting Services is the right partner for Huawei. You helped us ramping up cybersecurity competences at Huawei with your experiences from TARA and security concept to verification and security testing."

- Li Hailin, Smart Car Solution, Huawei


"Vector Consulting Services is a good partner for Claas to implement cybersecurity. Claas had great benefits from the Vector team for TARA and Security Engineering."

- Alexander Grossmann, Manager, Claas


"Vector Consulting Services supported Panasonic with cybersecurity, demonstrating an outstanding level of expertise. The goal of a comprehensive TARA integrated into a security concept was achieved. The support was intense and very successful!"

- Michael Prantke, Project Manager, Panasonic


"Marquardt was positioned by Vector Consulting for automotive cybersecurity to make an independent and lasting impact. The feedback from our customers is consistently positive. You have made an important contribution to this."

- Oliver Huppenbauer, Cybersecurity Manager, Marquardt

Hands-on Video Tutorials

All Images Videos

Factsheets for download

Factsheet Security Solutions
Factsheet Security Verification and Testing

Vector offers the complete cybersecurity portfolio. From basic software to tools for security consulting and auditing. Take advantage of our expertise in TARA, Design, Architecture and Code Analysis, Pen Testing, Security Verification, Fuzzing, Training and Coaching.

More information is available in our Security Solutions Factsheet. Get to know your advantages with us!

Show more

Our Security Verification and Testing service includes Architecture and Code Review, Static Code Analysis, Fuzz Testing and Pen Testing. It allows our experts to employ comprehensive security analysis from code and architecture level to targeted attacks, uncovering system weaknesses and potential risks. The methods and techniques used are similar to those deployed by hackers or crackers to break into a system.

Download our Factsheet Security Verification and Testing and learn more our our Cybersecurity competencies!

Show more

Reference Project

Initial Situation

Initial Situation

A leading automotive OEM introduced software updates "over the air" (OTA). He had a lot of experiences with secure systems, but deliberately sought in this situation external support to implement thorough state-of-the-practice methods. With our risk based security methodology and broad global experiences in developing and maintaining safe systems Vector was the first choice.

Show more


Vector was asked to evaluate and optimize cybersecurity. First we did some workshops with the employees. This built the necessary initial security competences. At the same time we made the Vector SecurityCheck as an initial baseline. In addition we were able to evaluate the existing architecture and methodology. On this basis we initiated a comprehensive threat assessment (TARA: Threat and Risk Analysis). From the TARA results we derived security goals, which were then evaluated. It soon became clear that some mechanisms, such as secure boot, though necessary and effective, would take more time and effort than initially foreseen. With our risk oriented approach used we brought all necessary steps in a comprehensible framework. This framework was then implemented in the coming months - finally also adressinmg secure boot.

Show more


The risk oriented security methodology of Vector addressed the necessary threats with reasonable effort. At the same time we built a cybersecurity competence and culture in the company, which covered all relevant stakeholders in their respective roles.

Show more

Training and Coaching

Vector Consulting Services offers a comprehensive suite of training, competence evolution and coaching in the field of Cybersecurity:


Practical Cybersecurity with ISO 21434

Published on ATZ Electronics, 03-04/2022

Business IT and embedded product IT are converging into multi-purpose systems. The ISO 21434 standard on automotive cybersecurity provides guidelines to mitigate security risks in product, project, and organization. This article by Vector introduces to systematic security engineering following ISO 21434. It also provides practical examples from global projects for the efficient implementation of ISO 21434. 

How may we help you?

Anh Kim

Ingersheimer Str. 24
70499 Stuttgart, Germany
Phone: +49 711 80 670 1535
E-Mail: Anh.Kim(at)