Security Concepts

Once the decision to address risk has been made, a Cybersecurity Concept must be created that defines concrete mechanisms to be implemented. This must take into account not only the results of Cybersecurity Risk Assessment and existing stakeholder requirements, e.g., from an OEM, but also system design decisions already made, performance requirements for the system, and requirements from other disciplines, e.g., functional safety. This is necessary to truly develop cybersecurity into the system (“security by design”), avoid conflicts, and exploit potential synergies.

If multiple implementations of a security mechanism are possible, the effort and cost of each option must be weighed against its respective impact on the overall residual risk. After the Cybersecurity Concept has been defined in this way, Cybersecurity requirements must be derived and Cybersecurity aspects must be included in the architecture.

We can support all these steps with our experience and knowledge from numerous security engineering projects to define a cost-effective, standards-compliant, and state-of-the-art Cybersecurity Concept.

Project References

Automotive

Creation of a concept for checking the software integrity of an ECU in outsourced production

Learn more

Updates | Cybersecurity

Cybersecurity

Understanding the Cyber Resilience Act: Strengthening Digital Security
April 15, 2024

Cybersecurity

EU regulation for cybersecurity and digital product security: The Cyber Resilience Act
March 20, 2024

Cybersecurity

12 bugs per week: Is it time for a new automated negative testing approach?
March 6, 2024

Cybersecurity

The Importance of Vulnerability Management in the Automotive Industry
September 4, 2023