cybersecurity consulting services

The technology enabling cars to become hyper-connected objects is closely linked to embedded software and its ability to communicate with immediate and distant environments.

Car diagnostic and remote maintenance, entertainment systems, remote warning systems…these are examples of great car assets that are also sensitive points for automotive cybersecurity

In order to maintain high-quality connectivity in all circumstances and ensure the security of critical car systems, OEMs are urged to comply with cybersecurity regulations, such as the recent UNECE WP29

Thales support automotive OEMs and Tier 1 through expert consulting services to build cybersecurity regulation-compliant architectures, in their vehicles.

 

Thales Cybersecurity Consulting teams support automotive OEMs and their suppliers to build their cybersecurity strategy and implement the different steps required for a solid security-by-design architecture.
 

Security by Design approach: the foundation for end-to-end secure connected cars

As cyber threats evolve and vehicles are on the road for many years, Thales cyber consulting expertise promotes security by design approach.

The aim is to build robust security into the roots of vehicles that will ensure scalable cyber solutions for the many years of operation.
 

Thales Cybersecurity Consulting Services

#1 - Building a cybersecurity policy for regulation compliance

Thales elaborates a specific cybersecurity policy for connected vehicles and embedded architectures within the IT/IS perimeter.

The implementation of this policy will then facilitate the alignment of the cyber strategy among the different stakeholders to communicate objectives and expectations to the different teams (conception, engineering, development…).

#2 - Assessing the risks of future connected cars

Thales conducts business risk analysis on the various ECUs and key functions that will be deployed in the vehicle to define threat models, attacker profiles, attack scenarios, and the global exposition to cybersecurity risk.

This dedicated analysis, together with the current regulations and the Cyber Threat Intelligence (CTI) data, helps us define the right architecture that will reduce and mitigate connected car and vehicle security risk.

#3 - Defining vehicle cybersecurity architectures 

The conclusions of the risk analysis and defined threat model lead us to specify the right technical security measures to implement in the global, comprehensive architecture (hardware, software, network, interfaces, functions…)

#4- Penetration testing for real security level assessment

Using dedicated methodology and penetration testing approaches, we find potential exploitable breaches on the different exposed surfaces, interfaces, and components.

This enables us to assess the real security level of architectures, ECUs, and off-board services, and further address anything needed. 
 

Thales supports you to limit the attack surface within the vehicle through an in-depth defense approach to the complete ecosystem. 

Get in touch with us

For more information regarding our services and solutions contact one of our sales representatives. We have agents worldwide that are available to help with your digital security needs. Fill out our contact form and one of our representatives will be in touch to discuss how we can assist you.

Please note we do not sell any products nor offer support directly to end users. If you have questions regarding one of our products provided by e.g. your bank or government, then please contact them for advice first.