Automotive
100+ successfully completed projects
The SCHUTZWERK GmbH has been working with various vehicle manufacturers and suppliers for many years. The following areas exemplify the activities of the last few years::
Holistic penetration tests of vehicles (from cars to trucks)
- We usually also carried out a review of the security concepts beforehand
Penetration tests of control devices (e.g. for driver assistance systems, parking control, central powertrain control, charging and battery management, inverters, DCDC converters, DC / AC chargers, air suspension control, radar, positioning, steering)
- Most ECUs already used certificate-based authentication methods for diagnostic access and SecOC to secure bus communication
- Many units also had extended security mechanisms such as HSM integration or Secure Boot
- For a large part of the projects, we carried out a review of the security concepts in advance and a source code analysis as part of the penetration test
Penetration tests of head units (instrument clusters and entertainment components)
Penetration tests of OBD adapters and mobile applications
In-depth security analysis of automotive SoCs and microcontrollers
Evaluation and creation of security concepts for different architectures of connectivity and fleet management solutions
Between 2019 and 2022, SCHUTZWERK worked together with 15 different partners from industry and science in the BMBF-funded research project Security For Connected, Autonomous Cars ( SecForCARs ). The project explored new approaches for IT security within autonomous vehicles. A key issue here was the simultaneous consideration of safety and security. SCHUTZWERK supported the project with its experience in the areas of automotive security analyses, vulnerability disclosure processes, risk analyses and risk management. Here, SCHUTZWERK participated in the development of new methods and tools for security analyses of autonomous vehicles. Please refer to our blog for further information about the results.