security_bertrandt.jpg

Security from Concept to Test

The secure way

In times of digitalization and connectivity, systems become more and more complex and the number of potential vulnerabilities increases.

With our profound expertise in security development and security testing we support you in  identifying security threats as well as revealing and fixing ineffective protective mechanisms. To do this, our security experts analyze your systems, test the effectiveness of existing security functions and assume the role of hackers to carry out simulated attacks.

Our customers include OEMs and system suppliers from the following sectors: 

Your benefits

Individual solutions
As a manufacturer- and industry-independent partner with a clear focus on your individual customer needs, we develop and test solutions for the specific security requirements of your product or system. Bertrandt is certified according to TISAX and offers confidential and secure handling of your data by our in-house experts.

One-stop provider
We deliver product security from one single source. Our services range from the examination of individual devices to complete systems as well as from function over communication to overall system testing. We analyze your products or systems for existing vulnerabilities and ineffective protection mechanisms and validate the implementation of your requirements.

Prevention of downtimes, follow-up costs and image damage
Our services help you to arm yourself against hacker attacks and thus avoid immense consequential costs, e.g. through drastic downtimes or product recalls, as well as possible damages to your image.

Our services at a glance

In the scope of risk and threat analyses, threats to products, IT systems or processes can be systematically recorded, structured and evaluated.

  • Identification of the systems, data and applications to be protected.
  • Documentation of the underlying architecture of all systems, data and applications to be protected
  • Identification of potential threats and possible security vulnerabilities
  • Documentation of the detected threats
  • Evaluation of the threats and assessment of the probability of their occurrence
  • Creation of a final overall threat picture

Parallel to the growing intelligence of vehicles and the increasing number of interfaces to the outside world, security functions are being developed as preventive measures against attacks. In the functional, integration and system test, the correct operation of individual safety functions as well as the proper interaction of the components and their effectiveness as an overall system are evaluated.

  • Derivation of test cases from the security concept
  • Requirements-based test on the basis of component or system specifications
  • Test of integration in the context of vehicle networking

To protect your products against unwanted access, our experts perform targeted attacks, uncover security issues and assess the vulnerability of your product or system for manipulations.

  • Penetration tests, robustness tests and web checks
  • White / grey hacking
  • Analysis, documentation and reporting of vulnerabilities
  • Optimized solution concepts for closing security gaps
  • Recommendations for risk minimization

The validation of security functions may require various types of test infrastructure. We are able to realize, provide and operate test systems ranging from purely software-based solutions to table-top setups and networked test benches.

  • Design and construction of component and system test benches
  • Provision and further development of our own test automation solutions
  • Security-specific tool know-how
    • Wireshark - analysis of data logs
    • Kali Linux - Linux distribution for penetration testing
    • Nmap - portscanning and version detection
    • Burp Suite and ZapProxy - web testing
    • Nessus - vulnerability scanning
    • Achilles - robustness testing
    • Defensics - protocol fuzzing
    • Metasploit - execution of known exploits
    • Aircrack-ng - vulnerability scanning WLAN
    • John the Ripper - test of authentications
    • Snmpwalk, DirBuster, nc, netstat
  • Automotive-specific tool know-how
    • Vector-Tools
    • dSPACE HiL toolchains

Your Contact

Christian Bohner

Head of Department Electronics & Virtual Testing Solutions

Your Contact

Florian Schmitt

Team Manager Testing & Software Development

Related Topics