Cybersecurity & Data Privacy

The INVENSITY Center of Excellence Cybersecurity and Data Privacy is the competence center for all questions concerning IT security of embedded systems. Sustainability and traceability are our main focus. The systematic analysis of existing systems and the design of security concepts are for us the starting point of a secure system.

The systematic identification and evaluation of risks serves us as a basis for the definition of suitable measures. For the implementation of secure systems we rely on the methods of software and systems engineering as well as the methods of cybersecurity, such as secure coding or threat modelling.

Your contact

Jana Karina von Wedel
Principal Consultant



Cyber Security Development Process

INVENSITY offers a standardized and requirements-based solution to systematically identify risks and define appropriate measures. Based on the identification of the assets to be protected, the relevant threats and vulnerabilities are examined. On this basis, incident scenarios are described and evaluated with regard to their probability and their effects. The resulting risks form the basis for the definition of measures to reduce the determined risk value. The software-supported process includes comprehensive documentation to ensure the re-use of the acquired knowledge.

Secure Coding

There are no limits to what attackers can do. Even systems that use a cryptographically secure procedure are not necessarily immune to side-channel attacks. Besides vulnerable hardware, security holes caused by careless implementations are very common. Programs that seem uninteresting to an attacker can also offer a way to infiltrate a system if, for example, they have elevated rights and a network interface. It is therefore important to build security into programming, to adhere to certain rules and to examine the program for errors such as buffer overflows.

ISAT 4.0

High-quality, reliable and process-oriented security assessments are a fundamental part of the development process of cyber-physical systems. At the same time, these necessary threat analyses and risk assessments are very complex and correspondingly time-consuming and nerve-racking for security experts to perform.

Clarity, reusability, and conformity to processes and standards are the characteristics that lead to efficiency and quality improvements in this context. ISAT 4.0, the INVENSITY Security Assessment Tool, is built consistently around these requirements and makes it easier to carry out your security analyses.



Based on our extensive and cross-industry experience, we have developed a clearly structured approach based on established and proven process models to help our customers integrate the topic of data protection into their development processes and products, thus ensuring compliance with applicable data protection regulations. This approach starts with a clear definition of the scope of the collection and processing of personal data as well as the relevant functions and interfaces.

Based on this, risks associated with the loss or compromise of personal data are analyzed and a strategy is developed to prevent data protection violations and to satisfy documentation regulations. Concrete technical and process solutions are then derived from this strategy and verification and validation criteria for them are defined.

Penetration Testing

A penetration test serves to identify all possible threats to a system. First, all important resources that could become the target of an attack, as well as the possible side effects of an attack, are recorded. Once the defense objectives have been defined, it is determined how an attacker could gain access to the resources to be protected and/or control over the system, and how an attacker could cause undesired behavior of the system. For this purpose the system is analyzed, and possible threats are estimated and categorized. Tests are then carried out on the basis of the threats found.

During these tests it is important to look at different attacker models, not only to find out what possibilities an attacker has, but also to determine how likely an attack is. During these tests, new threats that were not previously considered can also be identified. After the evaluation of this data, protective measures can be planned and implemented.

Automotive Cybersecurity

Automotive systems are increasingly networked with each other and with their environment, and implement ever higher levels of automation. This makes it necessary to deal with the entire issue of safety in a systematic manner, because the safety of E/E systems has two dimensions. Functional safety is about protecting the environment from the vehicle. Cybersecurity, in turn, focuses on protecting the vehicle from the environment.

In the development of modern vehicles and their software, functional safety has long been an important consideration. At the latest since ISO 26262 (“Road vehicles – Functional safety”) came into force in 2011, the topic has been receiving increased attention. Cybersecurity, on the other hand, has long been seriously neglected in the automotive industry. This has begun to change in recent years: first through the SAE Cybersecurity Guidebook J3061, which for the first time described a uniform procedure for cybersecurity in the automotive sector, and even more so with the emergence of the new ISO 21434, whose DIS was published in February 2020.

On the basis of the profound cybersecurity know-how we have gained in the course of numerous projects, we support our customers in the introduction and implementation of this new standard. Our many years of experience in implementing ISO 26262 and designing the corresponding processes, and the best practices gained from this, also feed into this work. The goal is clear: to develop secure automotive systems that are “safe and secure”.

Threat Modelling

A threat model is a structured representation of all security-relevant information about a system. Through the process of threat modelling, this information is identified, organized and analyzed. The goal is to uncover all threats to and weaknesses of a system. In addition, prioritized lists of improvements to security, requirements, design and/or implementation are created.

Countermeasures are planned and implemented according to the impact of a threat. The threat model should accompany a product through its entire life cycle and be improved and made more specific in each phase of that cycle.