We develop both ECU software (that runs in the vehicles) and independent tools and products that are used for testing and development of security features.
Examples of current and upcoming projects include:
- Creation of standardised, platform-based software solutions for security problems common across ECU's - e.g. secure activation of debug features, secure boot, data-at-rest encryption and secure delete, initial (factory) key provisioning, as well as middleware-based solutions such as crypto-API's, privilege proxy, etc.
- Contribution to the development of a standardised secure OS/TEE solution for all vehicle ECU's - including CA/TA development
- Integration and bring-up of security features on various hardware platforms - e.g. secure OS/TEE, IDS
- Creation and population of databases - for example for incident response and field monitoring
- Development of a security test automation framework and automated security tests
- Development of tools/scripts/utilities for integration in the CI/CD pipelines to achieve "shift-left" in the DevSecOps sense