PSIRT Building and Operation Consultation
A wide range of support by automotive security experts - by NDIAS
Overview
We support the building of a Product Security Incident Response Team (PSIRT) for your products and services.
Product security needs to be addressed not only during development, but also after production. Generally, an attack can succeed when the attacker has the motivation, the opportunity, and the knowledge/technology. Since IoT devices, including vehicles, are connected to the Internet, they are exposed to attack opportunities. In addition, new vulnerabilities in the Open Source Software (OSS) included in products are reported daily, and we need to be prepared for attacks that exploit them.
We support the development of internal rules/guidelines, such as vulnerability information management and incident response procedures, so that an organization is able to manage post-manufacturing security issues. We also provide support for ongoing activities after the establishment of the PSIRT, such as vulnerability information monitoring/management, alerting relevant organizations, and regular training for them.
Service Features
Consultants with experience in the automotive industry provide a wide range of support, including the building of PSIRT systems and operation after establishment.
Service Details
1. Build PSIRT
To meet the requirements of UN-R155, we define the activities with reference to ISO/SAE 21434 (Vulnerability/Incident Response), etc. While incorporating the opinions of the stakeholders, we provide the following support:
- Documentation of vulnerability management procedures
- Documentation of incident response procedures
- Assessment of PSIRT operation
2. Operate PSIRT
Highly skilled experts with experience in the automotive industry continuously monitor vulnerability information. Considering the relevance to the product and the severity, we alert the stakeholders when necessary.
- Provide vulnerability information sharing platform
- Triage/alert for vulnerability information
- Explicate critical vulnerabilities
We also provide regular training programs to ensure that vulnerabilities/incidents are handled appropriately in accordance with the rules/guidelines.
[Tips]
To meet the requirements of UN-R155, the following aspects need to be fulfilled:
- Continuously monitor and keep updated on vulnerability information related to the products.
- Have a platform to share related vulnerability information.
- Have staff with the necessary professional skills for monitoring.
- Be able to determine the relevance of the vulnerability information to each product.
- Be able to determine which vulnerabilities need to be handled with priority.
Service Flow