Security Specification Development and Analysis

Specification development and analysis services from a unique perspective based on extensive experience in automotive security. - by NDIAS

Overview

We analyze the security specifications and design documents, and interview the people in charge of development. Then, we identify the perspectives which need to be reconsidered, and make recommendations on how to improve them.
By identifying security issues prior to product development, it is possible to reduce rework and correction costs due to inadequate security design.

Service Features

  • Automotive security experts

    Experts who have experience in vehicle security assessment and consulting and are familiar with practical attack methods, provide analysis and recommendations.

  • Unique analytical perspective that takes into account UN regulations, international standards, and other automotive guidelines

    We analyze your security specifications and design documents, taking into account UN regulations (UN-R155, UN-R156), international standards (ISO/SAE 21434), and other automotive guidelines (NHTSA Best Practice, JASPAR standards/technical documents, etc.).

  • Comprehensive analysis with systems that work with vehicles.

    To realize high functionality of vehicles such as automotive IoT and autonomous car, it is essential to take measures against cyber attacks on related services such as back-end servers. We comprehensively analyze security specifications and design documents along with web applications, web servers, and smartphone applications that connect to vehicles.

  • Analyzing security requirements and design documents

    We read the product's security requirements and design documents carefully, and interview the person in charge of development if there are any unclear points, so that we can understand the content of the documents correctly.

  • Identify issues from a unique perspectives

    We identify the issues by considering UN regulations (UN-R155, UN-R156), international standards (ISO/SAE 21434), and other automotive guidelines (NHTSA Best Practice, JASPAR standards/technical documents, etc.), integrating our accumulated knowledge of vehicle security assessment and design document reviews, and our unique perspective.

  • Propose necessary security requirements and design methods

    We present the necessary security requirements and design alternatives for the issues we have identified.

Service Flow

Flow of Security Specification Development and Analysis

 

Contact