IoT is becoming more and more part of our lives, touching a lot of areas from simple, smart devices automating our homes to sophisticated systems like autonomous driving with highly critical safety constraints. As all these devices connected to the Internet host sensitive information, start to exchange it, decide many times and take action based on these inputs, securing them effectively against malicious hackers shall be considered by design.
Being an active player for many years in embedded software development, Tremend can confidently claim a strong background in dealing with all these more and more sophisticated security challenges. The SW development process in Tremend starts from the initial security risk assessment, it goes through the security-aware design phase and ensures high-quality, secure coding standards-compliance.
Cryptographic and Security Modules Development & Benefits Provided
At Tremend, we have broad exposure to cryptographic modules and security-sensitive software solutions in different business areas. In particular, our Embedded Software department offers consultancy services in the field that may be a significant added value to your projects considering the following aspects:
- In-depth knowledge of cryptography theory, typical use-cases, and effective cybersecurity solutions for facing increasingly sophisticated attack vectors
- Professional support for identifying, developing, and deploying the best security-aware design solution either through software-only or relying on hardware accelerators
- High-quality software development processenabling compliance with security standards like ISO21434, IEC 62443, or PA-DSS
Relevant Contributions in Cryptography & Security
Telemetry System for Motorcycles
Tremend offered consultancy services to a motorcycle OEM for designing and developing an offroad motorcycle telemetry system. A critical part of the elaborated solution was to ensure ISO21434 compliance consisting of activities like:
- Security risks assessmenttaking into account the specificity of an Internet-connected telemetry system with access to internal vehicle interfaces
- Design an intrusion detection and prevention solutionthat detects new possible vulnerabilities and allows the deployment of countermeasures in a timely manner.
- Design an Over The Air (OTA)update solution for both backend and client with an intrinsic fallback path ensures the vehicle returns to a running state even in the case of a major software update failure.
Autosar MCAL Crypto module
A team from Tremend was involved in designing and implementing several Autosar BSW Crypto modules for a hardware provider on top of their security hardware accelerators. Below are some key points defining this collaboration:
- Identify typical security use-cases in the Automotive industryin order to map the available security HW accelerator features to the Autosar Crypto interface in an effective way
- Design and implement solutions for minimizing sensitive data exposurein SW-only security implementation.
- Seamless integration in the customer’s organizationby assimilating and following their Automotive SPICE processes and methodologies as a good base for further ISO21434 compliance.
Bluetooth Smart Lighting
Our experts offered consultancy for supporting messages signature and authentication based on AES-256 and ECDH algorithms.
Why choose Tremend as your Cybersecurity consultant?
During more than 15 years of delivering consultancy in software development, Tremend was involved in many diverse cross-platform projects, many of them addressing cybersecurity challenges in different industries like automotive, telecom, financial, retail, or public sector. And the embedded software components were many times part of these systems.
This legitimates Tremend’s confidence in our capability to offer security solutions in this growing interconnected world.
- Our software engineers’ proficiency in designing and developing IoT systems can efficiently boost the achievement of cyber-security solutions targeted by our clients
- Commitment to follow our clients’ developing procedures and standards like ASPICE, ISO 21434, IEC 62443, or PA-DSS.
- We support our partners in their efforts for certification acquisition by adhering to all requirements and practices stipulated by the certification process.
Contact us now to start your journey towards a winning automotive project.