Your Situation

  • Do you need to harden your systems against attacks from inside or outside?
  • Do you want to implement the state of practice methods and tools for integrated cybersecurity?
  • Are standards such as ISO 27001 (IT Security), ISO 21434 and SAE J3061 (automotive security) or ISO 15408 (common criteria for cybersecurity) relevant in your environment?

Cybersecurity is of a growing concern across industries. Security is absolutely mission-critical in most environments, because systems are increasingly open for external penetration and because attackers are eager to hack. Even worse security directly impacts functionality, user experience and safety, and thus has become subject to product liability. For instance, functional safety is not feasible without a concise approach to cover cybersecurity.

Based on the specific challenges of security, companies must ensure effective protection against manipulations of electronic systems. Key points in the development of protected systems are the proper identification of security requirements, the systematic realization of security functions, and a security validation to demonstrate that security requirements have been met.

Our Solution

Based on years of experience with Cybersecurity and Safety advises Vector Consulting Services with:

  • Vector SecurityCheck with risk analysis (TARA), trade-off assessment, prioritized proposals and initial methodical instructions
  • Interim Safety and Security Manager
  • Creating cybersecurity analyses and security concept for implementation
  • Develop, specify and check security requirements based on threat scenarios and Automotive Common Criteria
  • Sustainable implementation of ISO 27001, SAE J3061, ISO 15408 and forthcoming ISO 21434
  • Security testing with Penetration Test, code analysis and architecure evaluation
  • Methodology and tool support for security-oriented tests and resilience
  • Process assessments for your suppliers with focus on safety and security
  • Awareness training on cybersecurity for managers and developers
  • Training and coaching of managers and developers to the effective implementation of cybersecurity across the life-cycle

Your Benefits

Our expertise in practically working with many companies worldwide enables uniform and effective implementation of cybersecurity. By embedding professional cybersecurity methodology into the lifecycle, we ensure building the necessary competences and facilitate efficient yet thorough implementation.


Factsheets for download

Vector offers the complete cybersecurity portfolio. From basic software to tools for security consulting and auditing. Take advantage of our expertise in TARA, Design, Architecture and Code Analysis, Pen Testing, Security Verification, Fuzzing, Training and Coaching.

More information is available in our Security Solutions Factsheet. Get to know your advantages with us!


Our Security Verification and Testing service includes Architecture and Code Review, Static Code Analysis, Fuzz Testing and Pen Testing. It allows our experts to employ comprehensive security analysis from code and architecture level to targeted attacks, uncovering system weaknesses and potential risks. The methods and techniques used are similar to those deployed by hackers or crackers to break into a system.

Download our Factsheet Security Verification and Testing and learn more our our Cybersecurity competencies!


Reference Project

Initial Situation

A leading automotive OEM introduced software updates "over the air" (OTA). He had a lot of experiences with secure systems, but deliberately sought in this situation external support to implement thorough state-of-the-practice methods. With our risk based security methodology and broad global experiences in developing and maintaining safe systems Vector was the first choice.



Vector was asked to evaluate and optimize cybersecurity. First we did some workshops with the employees. This built the necessary initial security competences. At the same time we made the Vector SecurityCheck as an initial baseline. In addition we were able to evaluate the existing architecture and methodology. On this basis we initiated a comprehensive threat assessment (TARA: Threat and Risk Analysis). From the TARA results we derived security goals, which were then evaluated. It soon became clear that some mechanisms, such as secure boot, though necessary and effective, would take more time and effort than initially foreseen. With our risk oriented approach used we brought all necessary steps in a comprehensible framework. This framework was then implemented in the coming months - finally also adressinmg secure boot.



The risk oriented security methodology of Vector addressed the necessary threats with reasonable effort. At the same time we built a cybersecurity competence and culture in the company, which covered all relevant stakeholders in their respective roles.


Training and Coaching

Vector Consulting Services offers a comprehensive suite of training, competence evolution and coaching in the field of Cybersecurity:

  • Automotive Cybersecurity
  • Defensive Coding