Cyber security
- Home /
- Service / Solution /
- Cyber security
Supporting security activities in manufacturing
In the manufacturing industry, including the automobile industry, opportunities to use technologies such as DX, IoT, and CASE are increasing. Cyber security measures are becoming essential as this trend gains momentum.
Amidst this landscape, there is a worldwide shortage of cyber security personnel. In particular, the automobile industry is under pressure to comply with national cyber security laws, regulations, and standards, including UN-R155 (CSMS) and UN-R156 (SUMS), which were developed by WP.29, and the international cyber security standard ISO/SAE 21434. This shortage of human resources is a significant issue, compounded by the difficulties specific to the industry.
SOLIZE provides cyber security services that support the security activities necessary for manufacturing.
We provide support from the development phase, including threat analysis and other types of design analysis, implementation, and testing, to the manufacturing phase and onward, including manufacturing, use in the market, and disposal.
We also provide consulting services to help customers build these processes and systems.
Services
-
Security engineering service
We support security activities necessary in manufacturing such as threat analysis, creating of specifications, static analysis of software, and vulnerability testing (engineering and dispatching engineers).
Details here -
Security consulting service
Security consultants well-versed in manufacturing provide support for building processes related to the product lifecycle and building structures.
Details here
Security engineering service
Supporting security analysis and assessment work
In order to determine what threats there are for the product as a whole and for each component, and to assess the level of risk involved, a variety of analysis are required, starting with the identification of assets. The people who carry out such security activities need to have a thorough understanding of the mechanisms of the product and how it is used in addition to knowledge of security. At SOLIZE, we combine our experience in manufacturing with our knowledge of security to support analysis using the most appropriate structure.
Security testing support
In the phase from implementation to completion of development, various tests are also required from a security perspective. We support static analysis to check whether the source code created and third-party components used contain any vulnerabilities, as well as vulnerability diagnosis and penetration testing for the final product.
When conducting these tests, a large number of test items need to be prepared, tests need to be executed, and the results need to be organized; and an understanding of the product mechanism, the manufacturing approach, as well as security knowledge is necessary for each phase.
| Test classification | Overview |
|---|---|
| Static analysis |
|
| Vulnerability diagnosis |
|
| Penetration |
|
| Testing |
|
Security consulting service
Optimization of work processes in the product life cycle
The automobile industry has been developing post-development and manufacturing processes and systems to comply with security regulations. In the future, PDCA cycles will need to be run on these processes and structures to optimize the industry as a whole. In addition, as connected services become more widespread, there will be a need for closer collaboration between development and operations personnel, and a need to consider processes that include security to that or a DevSecOps approach. We will use our knowledge from SOLIZE's transformation consulting services to support the optimization of these processes and systems.
Security education support
Educating employees involved in security is also important when building processes and structures. SOLIZE has built a wealth of training knowhow through providing CAD training services and training its own engineers.
We will leverage this knowhow to support our customer’s security training.
