Solution Overviews

Datasheet: Architecture Review

Issue link:

Contents of this Issue


Page 0 of 1

Component Datasheet Last modification: 20-12-2016 / 11:31 AM GMT+01:00 1 © 2016 Irdeto. All Rights Reserved. for automotive ARCHITECTURE REVIEW Creating secure products from the ground up Creating a truly secure vehicle takes an organizational commitment that starts before developers are involved. Catching vulnerabilities once designs are committed to code or, worse yet, ready for production is a Band-aid solution. It doesn't resolve two main problems: finding issues beyond the design stage can be expensive to fix, and developers are neither trained nor incentivized to write secure code. At Irdeto, we know first-hand the merits of eliminating vulnerabilities at the beginning of the design process, rather than through costly "find and fix" cycles. Which is why we offer an Architecture Review service. Our highly trained team of engineers and hackers evaluate system architecture and software design to create a complete risk assessment which identifies weaknesses before they are baked in. This enables OEMs and tier ones to activate corrective mitigations early, create a much more secure product and educate their engineering staff on cybersecurity best practices. Other benefits include: • Cleaner and simpler system design. • Dramatically less engineering churn and subsequent cost savings. • Improved confidence in-vehicle security. • Half the time of typical penetration tests with far superior results. • Greater lead-time for corrective action. BUILT-IN SECURITY Irdeto Architecture Review is a unique service that looks for cybersecurity vulnerabilities during the early stages of a product's lifecycle. It finds issues at the system architecture and software design stages to avoid costly re-engineering at the coding, validation and release stages. Based on Irdeto's 10+ years of security reviews for some of the world's biggest brands, it also provides thorough reporting that includes: • Detailed attack trees. • Complete attack vector assessments outlining severity, potential, probability, controllability, etc. • Multidimensional ratings for financial, operational, privacy and safety risks. • Suggested mitigations and security requirements.

Articles in this issue

view archives of Solution Overviews - Datasheet: Architecture Review