3S – Safe & Secure Systems

Introduction

We are your partner for the development of safe and secure systems. Functional Safety, Cyber and Information Security have become increasingly critical aspects of the overall product design and development in various industry branches. With our expertise in this area we assist not only in the application of Functional Safety and Cyber and Information Security Standards but also in establishing a lasting safety and security culture.

Approach

Our approach is skill-oriented and industry open. We combine cross-industry standards, like ISO2700x series and NIST SP-800 security framework, with industry-related norms, like ISO/SAE21434 or ISO 26262 for automotive.

Cyber Security and Functional Safety have close interfaces and synergies and for this reason we appeal to our well-established expertise from the latter in order to leverage combined risk and threat analysis, as well as safe and secure design and architecture.

Services & Value Added

We support you in designing efficient and transparent safety and security product life cycle processes and help to anchor them in your organisation. As safety and security experts we assist in your product development – from concept work to safety/security confirmation. Our service portfolio is summarized below:

  • Cyber Security Governance
    • ISMS-Implementation
    • CSMS-Implementation
    • TISAX-Implementation
    • SoC-Implementation
    • SUMS-Implementation
  • IT Infrastructure Security
  • Digital Twin Computing
    • Advanced Testing
    • Field Data Monitoring
    • Software Update Management
  • Automotive SPICE Consulting/Auditing
  • Cyber Security & Functional Safety
    • Management
    • Engineering
    • Risk Assessment
    • Auditing
    • Assessments
    • Analysis
    • Testmanagement
    • Penetration testing
    • Confirmation Services

Products & Value Added

In a customer and market oriented strategy we systemize our expert knowledge in software and/or consulting products. Our current product portfolio is summarized below:

  • Functional Safety Management / Engineering Coachings in e.g. ISO 26262
  • ISO 26262 Process Framework / Templates
  • Automotive Cyber Security Coachings in ISO 21434
  • Cyber Security Awareness Training
  • Cyber Security GAP-Analysis

Machinery

IEC 61508 – ISO 13849 – IEC 62021

The machine industry is subject to the Machinery Directive and a set of different, harmonized standards that are linked to it.

Automotive

ISO 26262 – ISO/PAS 21448 – ISO 21434

The automotive industry is evolving dynamically, maybe now more than ever. And standards and regulatory frameworks must keep pace with it.

We support our customers in implementing the classical ISO26262 processes as per ASIL B from scratch; as well as in mentoring and coaching it, to establish an independent safety culture able to cope with the complete safety life cycle.
The automotive cyber security standard focusses mainly on systematic approaches how to treat and mange risks in the automotive field. Risks must be treated (avoid, reduce, share/transfer, accept/retain) and cybersecurity concepts and requirements are a risk reduction measure in that respect.

We just built up our competences in the recently released ISO/PAS 21448 (SOTIF) standard and support one of our customer to perform a software dependency analysis (DFA) for a level 4 autonomy highway pilot.

Railway

EN50126 – EN50128 – EN50129

The railway industry is, like machinery, a highly regulated industry where the conformity with technical standards has a binding relation to directives and legal requirements.

We provide consultancy regarding the generic RAMS process standard EN50126, as well as corresponding technical standards for communication and signaling systems, related to software EN-50128 and to hardware EN-50129. Our expertise also reaches the overall and cross-industry Functional Safety norm, IEC61508.

Medical

IEC 60601 – MDR / FDA

The medical industry is a very high demanding and sensitive industry where the conformity with regulated standards has a binding relation to directives and legal requirements.

We provide consultancy regarding the IEC 60601 standard for the safety of medical electrical equipment. The IEC 60601-1 standard contains the general specifications for the safety of electrical medical devices and is intended to ensure that a first fault with regard to the electrical, mechanical, thermal or functional properties does not pose an unacceptable risk to the patient or the user.

Webinars

ASRG Webinar – Automotive Cybersecurity for engineers with functional safety background

Training Videos

Relationship between ISO 21434 cyber security terms

ISO 21434 – risk definition and determination

ISO 21434 – Impact rating and asset identification

ISO 21434 – Relation to other standards

Downloads

Automotive Cybersecurity Gap-Analysis

Training ISO 26262 (extract)

Training ISO 21434 (extract)

Contact

Nicole Wenzler

Head of Functional Safety /
3S Coordinator

Bogdan Gradinaru

Head of Cyber Security

Mihael Stanojevic

Head of Information Security Management