3 min. reading time

Integration will enable automakers to better understand their Software Bill of Materials (SBOM) to achieve compliance with ISO/SAE 21434

Chicago, USA, Lünen, GERMANY – itemis, a leading IoT software and consulting company today announced it has partnered with BlackBerry to help automakers and Tier 1s improve their overall cybersecurity posture in the face of an expanding threat landscape as the volume and complexity of software within vehicles increases.

As part of the agreement, itemis will integrate their “SECURITY ANALYST” Threat Analysis and Risk Assessment (TARA) solution with BlackBerry® Jarvis® to enable automakers and their suppliers to comply with the latest automotive cybersecurity standards, including ISO/SAE 21434. BlackBerry Jarvis is a binary software composition analysis (SCA) and security testing tool, designed to detect and list open-source software and software licenses within embedded systems, as well as cybersecurity vulnerabilities and exposures. It performs a thorough scan of the software binary and produces a software bill of materials (SBOM), offering deep actionable insights in a fraction of the time it takes for security professionals to manually perform these tasks.

With professional services from itemis, BlackBerry Jarvis users will now be able to understand key findings in the areas of software composition analysis and security testing in context and evolve threat and risk models in real time.

“itemis is very excited to partner with BlackBerry to automate vulnerability identification so that OEMs have a holistic picture of the software composition of their vehicles and mitigate cybersecurity risks, IP disputes, and regulatory non-compliance,” said itemis Inc. President Jonathan Mohring. “Utilizing BlackBerry Jarvis in combination with our Security Analyst solution provides valuable context to identified vulnerabilities in automotive software and leads to more comprehensive Threat Analysis and Risk Assessments of automotive systems.”

“BlackBerry is pleased to collaborate with itemis to help improve both security and safety across the automotive industry,” said Grant Courville, VP, Products and Strategy at BlackBerry QNX. “With a focus on automation, BlackBerry and itemis will look to drive improvements in the area of vulnerability discovery and risk management to help make threat assessments more tangible for OEMs whilst increasing the threat context in vulnerability detection.”

For more information on BlackBerry Jarvis please visit BlackBerry.com/Jarvis.

About itemis Inc.

itemis is a multi-award winning IoT software and IT consulting company from Germany. As a hidden champion, itemis provides the market-leading, model-based cybersecurity solution for performing automotive threat assessments and risk analyses (TARA) known as Security Analyst. itemis was founded in 2003 in Luenen, Germany and has deep expertise in model-based tooling and embedded systems engineering. Major automotive OEMs and Tier 1 suppliers within the automotive industry rely on itemis for its exceptional software products and IT-related services. itemis has locations around the world including in the USA, in Chicago, IL.