Security Testing Tools

AutoCrypt CSTP

Comprehensive automotive cybersecurity testing platform
automotive cybersecurity testing platform featured image

Automotive cybersecurity testing on a comprehensive platform.

According to UNECE’s Regulation 155, automotive cybersecurity testing must be done periodically to identify and mitigate potential vulnerabilities. However, given the various sets of testing tools, managing all individual testing processes and results can be time-consuming and inefficient.

AutoCrypt® CSTP (Cybersecurity Testing Platform) is an integrated, comprehensive platform that offers a variety of security tests and validations and allows them to be executed and managed on one single platform. The platform is compliant with globally recognized standards and regulations like UN R155/156 and ISO/SAE 21434, and users can manage and share standardized test results between internal parties and external authorities, enabling faster decision-making and streamlining the Regulatory Compliance process.

Product Lineup

– Delivers security testing based on global standards and regulations, adaptable to various vehicle environments

– Offers flexible licensing

– Offers customizable set up to meet needs of different OEMs, Tier-1s, and evolving technologies

– Supports fuzz testing aligned with WP.29 UN-R155, ISO/SAE 21434, and covers all service items in ISO 14229, providing test results required for Vehicle Type Approval (VTA) certification

– Offers highly reliable results through advanced logic and vehicle-specific features (DTC reading, CAN DB utilization, etc.)

– Test continuity for exceptional scenarios, DUT status monitoring, and automatic ECU reset also available

– Verifies proper operation of in-vehicle security features with ISO/SAE 21434

– Checks compliance of security applications like Secure Boot, Secure Flas, Secure Debug

– Offers customized testing and precise analysis tailored to vehicle environments

– Test results delivered in certification-grade reports, providing security validations to meet OEM requirements

Use Cases

Testing and Consulting Service References

Company A – South Korean Testing and Research Institute

Developed integrated automotive cybersecurity evaluation technologies, including:

  • Stability testing and evaluation for cybersecurity
  • Vulnerability verification and threat response systems

Company B – Tier 1 Supplier

Performed Fuzzing and Penetration Testing on ESC controllers for a global North American OEM:

  • Derived test case items based on UN R155 threats and attack methods
  • Identified vulnerabilities and threat scenarios through controller interface and external access point analysis 

Company C – Tier 1 Supplier

Delivered cybersecurity consulting and Penetration Testing:

  • Provided ISO/SAE 21434-based consulting and engineering support
  • Conducted TARA-based threat analysis, security concept development, and Penetration Testing 

Company D – Tier 1 Supplier

Conducted Penetration Testing on AVN controllers for a global European OEM:

  • Identified vulnerabilities in AVN communication protocols (CAN, Ethernet, Wi-Fi, Bluetooth, USB, etc.)

Company E – South Korean University / Research Institute

Delivered institutional-use license:

  • Provided research-focused license for cybersecurity testing and validation

Company F – Global OEM

Supplied regulatory compliance solution for European vehicle cybersecurity:

  • Delivered testing tools aligned with cybersecurity requirements

Company G – South Korean SME

Provided cybersecurity solution for EV charger manufacturing:

  • Delivered tools for compliance and vulnerability response in charging systems

Company H – International University / Research Institute

Delivered research-use license for overseas institution:

  • Provided customized licensing for academic cybersecurity testing environment

Related Resources