With a growing number of industries becoming digitalized to cut costs and boost efficiency, the potential of cyber security measures and software-defined vehicles has been a hot topic for carmakers across the world.

Fescaro, a leading cybersecurity specialist, seeks to spearhead the change with its all-in-one cybersecurity solutions customized to meet the needs of its clients, in accordance with changing international standards. The European Union in 2022 introduced cybersecurity regulations, making it virtually impossible to enter the European market without meeting the new standards.

The United Nations Economic Commission for Europe World Forum for Harmonization of Vehicle Regulations adopted UN Regulation No. 155, No. 156 in June 2020.

South Korea's National Assembly in February passed a bill that mandates carmakers to be certified by the Ministry of Land, Infrastructure and Transport on its cybersecurity system.

Fescaro provides comprehensive certification consulting and management, software update management and monitoring for the carmakers, contributing to the clients maintaining a competitive edge in the global market.

According to Fescaro, the company is the only South Korean firm to successfully consult for the four certifications related to the requirements of the UN Regulation No. 155 on cybersecurity regulation: the cyber security management system (CSMS), ISO/SAE 21434, software update management system (SUMS) and vehicle type approval (VTA). "This is the only case in South Korea in which a company proved its competence throughout the entire 'automotive life cycle of the original equipment manufacturer,' and such a case is rare internationally as well," the company said.

The company has conducted not only the consulting for vehicle cybersecurity but also the implementation of such a strategy. Fescaro's cybersecurity experts take part in software solutions, engineering for optimizing the solution, testing for verification, application on mass production vehicles, establishing and operating IT infrastructure for real-time management and developing a security gateway to handle security incidents involving the vehicle.

Based on such capacities, Fescaro has partnered with the leading automotive semiconductor manufacturers in the world, such as Dutch-American chipmaker NXP Semiconductors.

Fescaro said the company's key function is the capacity to proactively analyze and provide solutions for the risks that may occur. It explained that acquiring data for feedback is particularly important for cybersecurity, since software-defined vehicles can update their software even after its release.

DevOps, adopted by the company, is based on a two-phase development-operation system. The development phase is comprised of planning, coding, building, testing and releasing stages, and the operation phase consists of the deploying, operating and monitoring stage.

The data acquired from the operation stage is fed back into the development stage, which can then be applied in updated software for SDVs.

Fescaro stressed that a customized strategy for clients is important for SDVs, since each client has a different set of needs. As such, the company in the past even provided specialized solutions for its clients. In one case, the client's requirement was for it to provide a solution that addresses the cybersecurity needs on the level expected from using the hardware security module.

The company's client-customized security gateway solution service develops software and hardware for the signaling gateway in accordance with a client's needs, effectively reducing the overlapping functions among the electronic control units.

Fescaro is a vehicle cybersecurity specialist that has gone through all major certification processes (CSMS, ISO/SAE 21434, VTA, SUMS). It is the only company in Korea to have obtained what is referred to in the field as the "grand slam of vehicle cybersecurity certification consulting.” - Ed.