The Challenge

  • A TIER1 supplier develops a telemetry module for an OEM. The field of application in the target system requires a high level of system security. Therefore, Penetration Testing has to be integrated into the development processes.

The Approach

The project consisted of 3 phases:

  • In phase 1 analysis, the requirements are analyzed
  • In phase 2 a risk assessment was executed
  • In the last phase penetration test concept was formulated

Result & Added Value

  • Identified security requirements (client, internal, project specific) with respective test level (internal/external) and verification criteria
  • Security Risks evaluated with an attack tree-based approach
    • Identification all relevant Assets
    • Identification of project relevant security goals
    • Identification of project relevant security objectives
    • Generation of all threats
    • Evaluation of all threats or vulnerabilities (building the attack tree)
  • Analyze of the system under test regarding the implementation of test cases, Assessment of tools required for test cases implementation
Gabriel Krämer
Head of Cybersecurity
We are here to help

Connect with us

Need support in developing your technology solutions? Let’s have a conversation about your projects and explore how we can create value together.