Cybellum, the leading Automotive Cybersecurity Risk Assessment solution provider, announced that it has teamed up with Korea’s Gwangju Green Car Promotional Center, GIGA, to deploy an automated vulnerability management solution on GIGA’s testing lab.
GIGA is a government center established in 2010 as a hub for testing and certification of eco-friendly automotive parts. It operates various policy and corporate support programs for the development of the automobile industry in Korea, strengthening its competitiveness in auto parts development and supporting the security of key technologies in the future automobile industry. They serve some of the largest OEM and Tier 1 suppliers in Korea, all requesting validation of their compliance with UNECE WP.29 regulation, soon coming into effect. In GIGA’s core values lies the pursuit of efficiency and professionalism, always striving to further advance Korean automotive technology.
With the increase in software and data usage brought about by the introduction of connected cars, GIGA chose to implement Cybellum’s Cyber Digital Twins platform to create an AI automotive ecosystem, verify the security of auto parts’ firmware, and validate their compliance with new cybersecurity regulations like UNECE WP.29. COONTEC, Cybellum’s partner in Korea, deployed the solution.
Cybellum’s solution allows the GIGA operation to scale quickly to address local industry growth. Through this, GIGA is able to shorten the time-to-market of its certification process while ensuring the highest security standard to which GIGA has always committed.
GIGA uses Cybellum’s Cyber Digital Twins platform to scan their customers’ embedded components. Once scanned, the Cybellum platform automatically creates a detailed digital replica of the component including its BoM, interfaces, operating systems configuration, encryption mechanism, hardening and mitigation mechanism, API calls and more, all with no access to its source code.
Cyber Digital Twins identifies any potential vulnerability or threat within its code, and automatically filters out irrelevant vulnerabilities in line with standards and regulations. It also identifies any gaps against industry regulations or security policies. It then prioritizes the risks that matter most to provide remediation guidelines in time for start-of-production (SoP).
To further enhance the process, COONTEC provides GIGA’s automotive customers with training services, based on the Cybellum platform. The training helps them to verify the requirements of automotive cybersecurity standards, including UNECE WP.29, so that they can establish the process to address compliance issues.
“With automation comes the ability to scale, and in this case, to process more automotive components, review more lines of code within those components and do it with more accuracy and speed,” explained Michael Engstler, co-founder and CTO of Cybellum. “Given the new standards and regulations that are redefining the automotive industry, OEMs and suppliers must be tested and certified as adhering to industry regulations, requirements and security policies. Being able to efficiently serve the industry at scale was a major goal for GIGA, a goal they were able to achieve by automating the entire firmware testing process with Cybellum’s platform.”
“Deploying Cybellum Cyber Digital Twins platform at our labs is part of our broader vision to create an ecosystem that supports the vibrant Korean automotive industry,” said Jin Beom Kim, at Senior Research Engineer of GIGA. “Being able to use the platform for validating the security posture of our customers, we shorten the assessment process and time to resolution, increase the accuracy of our cyber reporting and improve the compliance of our customers with standards and regulations.”