Security Testing Tools
AutoCrypt CSTP
Comprehensive automotive cybersecurity testing platform
Automotive cybersecurity testing on a comprehensive platform.
According to UNECE’s Regulation 155, automotive cybersecurity testing must be done periodically to identify and mitigate potential vulnerabilities. However, given the various sets of testing tools, managing all individual testing processes and results can be time-consuming and inefficient.
AutoCrypt® CSTP (Cybersecurity Testing Platform) is an integrated, comprehensive platform that offers a variety of security tests and validations and allows them to be executed and managed on one single platform. The platform is compliant with globally recognized standards and regulations like UN R155/156 and ISO/SAE 21434, and users can manage and share standardized test results between internal parties and external authorities, enabling faster decision-making and streamlining the Regulatory Compliance process.
Product Lineup
– Delivers security testing based on global standards and regulations, adaptable to various vehicle environments
– Offers flexible licensing
– Offers customizable set up to meet needs of different OEMs, Tier-1s, and evolving technologies
– Supports fuzz testing aligned with WP.29 UN-R155, ISO/SAE 21434, and covers all service items in ISO 14229, providing test results required for Vehicle Type Approval (VTA) certification
– Offers highly reliable results through advanced logic and vehicle-specific features (DTC reading, CAN DB utilization, etc.)
– Test continuity for exceptional scenarios, DUT status monitoring, and automatic ECU reset also available
– Verifies proper operation of in-vehicle security features with ISO/SAE 21434
– Checks compliance of security applications like Secure Boot, Secure Flas, Secure Debug
– Offers customized testing and precise analysis tailored to vehicle environments
– Test results delivered in certification-grade reports, providing security validations to meet OEM requirements
Use Cases
Testing and Consulting Service References
Company A – South Korean Testing and Research Institute
Developed integrated automotive cybersecurity evaluation technologies, including:
- Stability testing and evaluation for cybersecurity
- Vulnerability verification and threat response systems
Company B – Tier 1 Supplier
Performed Fuzzing and Penetration Testing on ESC controllers for a global North American OEM:
- Derived test case items based on UN R155 threats and attack methods
- Identified vulnerabilities and threat scenarios through controller interface and external access point analysis
Company C – Tier 1 Supplier
Delivered cybersecurity consulting and Penetration Testing:
- Provided ISO/SAE 21434-based consulting and engineering support
- Conducted TARA-based threat analysis, security concept development, and Penetration Testing
Company D – Tier 1 Supplier
Conducted Penetration Testing on AVN controllers for a global European OEM:
- Identified vulnerabilities in AVN communication protocols (CAN, Ethernet, Wi-Fi, Bluetooth, USB, etc.)
Company E – South Korean University / Research Institute
Delivered institutional-use license:
- Provided research-focused license for cybersecurity testing and validation
Company F – Global OEM
Supplied regulatory compliance solution for European vehicle cybersecurity:
- Delivered testing tools aligned with cybersecurity requirements
Company G – South Korean SME
Provided cybersecurity solution for EV charger manufacturing:
- Delivered tools for compliance and vulnerability response in charging systems
Company H – International University / Research Institute
Delivered research-use license for overseas institution:
- Provided customized licensing for academic cybersecurity testing environment
