TÜV Rheinland and VisualThreat announced a strategic partnership aimed at helping the automotive industry test, detect and remediate the increasing cyber security threats targeting next generation vehicles. VisualThreat’s cyber security technology and TÜV Rheinland’s testing facilities and experience will provide automotive industry and component manufacturers with complete testing services to ensure their automotive products are secure from cyberattacks and meet industry standards for secure performance.
“Combining our expertise in automotive safety and security testing, we are one of the first organizations chosen by ENX to test against automotive information security standards”, explained Frank Luzsicza, Executive Vice President, Information and Communication Technology, TÜV Rheinland Group. Based on the Trusted Information Security Assessment Exchange (TISAX), TÜV Rheinland is entitled by ENX to verify that manufacturers and service providers within the automotive supply chain meet the VDA ISA information security standard. “Now employing VisualThreat’s cyber security testing framework, we will expand our comprehensive vehicle security testing services from our testing labs worldwide to accelerate innovation and raise the standard in cyber security testing of next generation vehicles”, said Frank Luzsicza.
Cyber Security Testing in a Changing Threat Landscape
“Cyber security testing focuses on finding unwanted weaknesses or vulnerabilities hiding inside the vehicle software”, said Wei Yan, CEO at VisualThreat. “We offer an automated and black-box testing tool for OEMs and tier providers to test their vehicles or ECUs with repeatable results and requiring no prior detailed knowledge of the testing workflow.” VisualThreat’s Automotive Cybersecurity Testing Framework contains more than 30 testing checkpoints from the following categories: CAN bus probing, individual ECU testing, and CAN communication testing among several ECUs.
With advances in digitization, vehicle equipment becomes smarter as well: from control panels over MRO programs to classic GPS – vehicles contain a significant number of smart functions that enable them to work independently on many levels and are connected internally and externally. As every smart product, the connected car therefore becomes a target for cyberattacks. Due to the lack of security controls, connected-car solutions might introduce new threats to the vehicle. Those risks range from simply unauthorized data capture to more serious offenses such as vehicle or property theft, criminally malicious hijacking or even the possibility of remotely overriding critical systems and control, resulting in severe accidents. “Through our strategic partnership with VisualThreat we will deepen our services to prevent cyberattacks in vehicles and ultimately increase the safety of next generation vehicles on the roads”, concluded Frank Luzsicza.