Under the name Escrypt CycurRISK, security expert ETAS offers a software tool for threat analysis and risk assessment of vehicle software. OEMs and suppliers can thus already identify security vulnerabilities during vehicle development and systematically prevent cyber risks.
The UN R155 directive and other international regulations have made a risk-based approach to E/E architecture development a prerequisite for type approval. The ISO/SAE 21434 standard “Road vehicle – Cybersecurity engineering” also sets new standards for a security-oriented design of new networked vehicle architectures. Threat Analysis and Risk Assessment (TARA) is becoming a central component: cybersecurity risks can be identified and eliminated already during the development process and the risk analyses are continuously refined. Possible subsequent cyberattacks are effectively prevented, damage and consequential costs are avoided.
With Escrypt CycurRISK, the Bosch subsidiary ETAS now provides vehicle manufacturers and their suppliers with software that can be used to systematically accompany vehicle development and the subsequent phase via IT-supported threat analysis and risk assessment. In particular, OEMs and suppliers will in future be able to screen not only individual systems, but also the E/E architecture as a whole for security risks. Escrypt CycurRISK also makes it possible to map combined and particularly sophisticated attack scenarios. Lena Steden, ETAS Service Lead Security Engineering: “Traditional methods for assessing cyber risks are complex and not always efficient. With Escrypt CycurRISK, we enable automotive industry players to integrate risk management into their cyber security strategy across all components in a precise fit. They stay one step ahead of threats while meeting the requirements of the ISO/SAE 21434 standard and UN R 155.”