Automotive & Land Transport

Our Automotive & Land Transport Skill Center takes a comprehensive and pragmatic approach to cybersecurity challenges, taking into account recent regulations—such as the NIS2 Directive and the Cyber Resilience Act—which impose stricter requirements for the security of critical infrastructure.

Compliance with ISO/SAE 21434 and UNR155 standards for the automotive sector, as well as EN 50128, EN 50657, and CLC/TS 50701 standards for the rail sector, is becoming essential to ensuring the resilience of systems against cyber threats.

We offer our expertise to help companies assess, manage, and ensure compliance for their critical systems, while integrating these regulatory requirements through a pragmatic approach.

Securing critical embedded and industrial systems

As experts in cybersecurity for embedded and industrial systems (OT), we work to secure critical environments, whether in vehicles or on rail rolling stock. We follow best practices, including those from NIST and the ISA/IEC 62443 standard, to assess risks and recommend effective measures—particularly for railway signaling and interlocking.

Compliance of Critical Information Systems (CIS) image

Compliance of Mission-Critical Information Systems (MCIS)

Thanks to our PASSI LPM certification, we assist companies in ensuring the compliance of Mission-Critical Information Systems (MCIS) in the railway sector, providing protection against cyber threats. Our services cover both product risk analyses (TARA) and risk assessments of traditional information systems, ensuring a comprehensive approach to cybersecurity.

Audits, Compliance, and Regulatory Requirements

Our audits and compliance assessments ensure that systems comply with ISO/SAE 21434 and UNR155 standards in the automotive sector, as well as rail-specific standards such as EN 50128 and CLC/TS 50701. In addition, we ensure that our recommendations meet the requirements of the Cyber Resilience Act, a crucial framework for ensuring the security and resilience of critical systems against current threats. We also offer support for security by design, integrating security requirements from the design phase onward.

Customized security solutions

The protection of embedded and industrial systems (OT) is at the heart of our expertise. By combining our knowledge of embedded systems with an in-depth understanding of industrial infrastructure, we develop customized solutions based on the ISA/IEC 62443 standard to enhance resilience against threats.

Cybersecurity Challenges: Automotive vs. Rail

Although the automotive and rail sectors face similar challenges, they each have their own specific characteristics:

• Automotive: Cybersecurity must account for the coexistence of legacy systems with modern architectures such as Software-Defined Vehicles (SDV), which are centered around High-Performance Computers (HPC). These constraints must be taken into account from the design phase onward to ensure long-term security, while complying with the requirements set forth by regulations and international standards.

• Rail: Ensuring the safety of rail systems is a complex task due to the long duration of projects and the scale of investments involved. It is often impossible to re-certify the entire rolling stock after every update, making it necessary to incorporate safety requirements into the design phase to ensure long-term safety in compliance with international regulations.

Would you like to learn more about Scassi’s expertise in the automotive and land transport sectors?

Browse our job openings or request a callback from one of our sales representatives.

FAQ

Why is cybersecurity so important in the automotive industry?

Modern vehicles are increasingly equipped with connected technologies, ranging from infotainment systems to autonomous driving features. This connectivity increases the risk of cyberattacks. Cybersecurity not only protects user data but also ensures the physical safety of vehicles by preventing remote takeover of critical systems.

What are the main cybersecurity risks for land transport?

Land transportation—whether by car, truck, or train—is vulnerable to threats such as hacking of onboard systems, data theft, and attacks on critical infrastructure (charging stations, connected traffic lights). As transportation networks become increasingly interconnected, a single attack can quickly affect multiple sectors, making cybersecurity essential for infrastructure resilience.

How can we secure connected and autonomous vehicles?

To secure connected and autonomous vehicles, it is essential to implement encryption protocols to protect communications between onboard systems and external servers. Multi-factor authentication, over-the-air (OTA) software updates, and regular penetration tests also help strengthen vehicle security against cyber threats.

What are the cybersecurity standards specific to the automotive industry?

The automotive industry adheres to strict cybersecurity standards, such as ISO/SAE 21434, which defines security requirements throughout the lifecycle of in-vehicle systems. In addition, the European UNECE WP.29 regulation requires manufacturers to incorporate cybersecurity into vehicle design while ensuring that systems are continuously updated.

How does cybersecurity affect land transportation infrastructure?

Land transportation infrastructure, such as electric vehicle charging stations and traffic management systems, is a potential target for cyberattacks. A cyberattack can cause significant disruptions or even widespread outages. It is crucial to protect this infrastructure with appropriate cybersecurity solutions, monitoring systems in real time to detect and respond quickly to threats.

Business sectors