The itemis blog

Accumulated IT knowledge

Cyber security, Automotive industry, ISO/SAE 21434 Standard, tara

Risks of Excel as a tool for cybersecurity in the automotive industry

The automotive industry is facing ever new cybersecurity challenges. Vehicles and their systems are becoming increasingly connected and complex, making them more vulnerable to security threats. To address these threats, the automotive industry has developed the ...

by Wolfgang Neuhaus

3 min. reading time
Cyber security, ISO/SAE 21434 Standard

ISO/SAE 21434 standard: Security in motor vehicle industry

The automotive industry is changing rapidly. Increasing digitalization and connectivity are revolutionizing the way we use our vehicles. But with new opportunities come new challenges, particularly in the area of cybersecurity. In this context, the ISO/SAE 21434 ...

by Dirk Leopold

3 min. reading time
Cyber security, Automotive

Customizing Threat Catalogs With itemis SECURE: Optimizing TARA Processes With STRIDE and MITRE Frameworks in Automotive

The threat catalog contains all of the threats that should be considered within the TARA process. There are some established formats for the threat catalog such as STRIDE or MITRE; and these can be incorporated within itemis SECURE. Additionally, itemis SECURE ...

by Matthew Moser

6 min. reading time
Cyber security, Press reports

itemis Partners with BlackBerry to Drive Improvements in Automotive Cybersecurity

Integration will enable automakers to better understand their Software Bill of Materials (SBOM) to achieve compliance with ISO/SAE 21434

by itemis

3 min. reading time
Cyber security, Automotive

6th Annual Auto-ISAC Cybersecurity Summit 2022

Franz-Josef Schuermann, Chairman of the Board itemis Inc., shares his vision for TARA Automation

by Matthew Moser

3 min. reading time
Software Development, Cyber security

Security by design in the automotive development process

In the automotive domain, security is becoming more and more important – especially for the new generations of connected, (semi-)autonomous vehicles. In this article, I’ll explain the basic concept behind the term “security by design”. You will also learn how to ...

by Dirk Leopold

10 min. reading time
Cyber security, IoT, Embedded

Secure Firmware-Over-the-Air Updates for ESP8266-based IoT devices?

IoT devices without a build-in firmware update capability make hardly sense. However, the implementation of the same on small devices can be quite challenging, and often is done at the expense of security. This article gives an insight into this problematic taking ...

by Stephan Eberle

4 min. reading time
Software Development, Cyber security, OpenPGP

OpenPGP on the Job – Part 8: SSH with OpenPGP and YubiKey

Being an employee in the IT myself, I often need to access remote machines. Most of the time, SSH and public key cryptography is used here. But although I do use OpenPGP for mail and data encryption, I still need an extra SSH key pair for this kind of remote ...

by Jan Mosig

15 min. reading time
Cyber security, IoT, Embedded

A Tool-Based Security Analysis – Part 2: Damage Classes And Potentials

In Part 1 of this blog series, we have seen how the attack potential of an attacking agent can be modeled. For our system, we also want to model the parts and aspects that we want to protect and the damage that can be done by an attacker. So as a next step, we ...

by Andreas Graf

3 min. reading time
Cyber security, IoT, Embedded

A Tool-Based Security Analysis – Part 1: Required Attack Potential

As Dirk Leopold pointed out in his post, security is one of the most strategically important concerns in the automotive industry in the future. We will be introducing the concepts of security analysis and how they are adressed in a tool, that we have been ...

by Andreas Graf

4 min. reading time

Next page >