Digital Resilience Vehicle Assessment and Benchmarking Process
- Test and fix
- Secure by design
- Assurance and functionality
The Digital Resilience Vehicle Assessment process is a tiered approach, addressing a variety of test categories (described bottom right) and providing increasing levels of sophistication tailored to meet the needs of our clients. During the assessment, we help clients understand the risks of any potential vulnerabilities identified and offer further support to address them. We use our benchmarking database to provide an objective assessment of where clients stand with respect to competitors.
Vehicle Assessment Tiers
Baseline Assessment
|
We identify and categorise potential vulnerabilities that may be exploited and provide indication of their implications for driver safety and personal data protection. The Digital Resilience level is ranked with respect to competitors’ data and a cost effective fix is recommended.
|
Enhanced Assessment
|
In addition to the baseline assessment, we conduct penetration testing to exploit identified vulnerabilities to assess potential impact of a successful breach. The testing boundary is the same as the baseline but more physically intrusive and may include the analysis of OEM backend servers and applications.
|
Bespoke Assessment
|
A fully bespoke level of analysis tailored to the client’s requirements.
|
Digital Resilience Vehicle Assessment Test Categories

|
ECU Analysis
Attack Surface Layer 1
Analysising the resilience of embedded software systems to malicious manipulation
|

|
Subnetwork Analysis
Attack Surface Layer 2
Analysising the resilience of subnetwork communications to malicious manipulation
|
|

|
Vehicle Network Architecture Analysis
Attack Surface Layer 3
Assessing the resilience of vehicle network architecture design
|
|

|
Physical and Wireless Interface Analysis
Attack Surface Layer 4
Assessing the implementation of local communication interfaces
|
|

|
Long-Range Interface Analysis
Attack Surface Layer 5
Assessing the implementation of long-range wireless communication interfaces
|
|

|
OEM Servers and Applications Analysis
Attack Surface Layer 6
Investigation of accessibility from OEM servers and mobile applications
|