HydraVision

HydraVision is a platform as a service, that integrates automated security testing into ECU lifecycles, ensuring compliance with the latest directives and standards like UNECE R155 and ISO/SAE 21434. Our smart Security-Test-Environment enables automotive suppliers not only to easily comply with the new directives and standards, but also to perform real, hands-on cybersecurity testing on their products, automatically and remotely. New threats (CVEs) reported by developers, dissecto research or third parties such as Auto-ISAC or ASRG are proactively monitored and tested, without the need to create new attack vectors against your system.

Features


  • Customizable User Dashboard: Intuitive user dashboard that allows each user to tailor their interface according to their preferences and workflow
  • Full Remote Access: All project participants can manage and monitor security tests conveniently from their location 
  • Notifications & Alerts: Receive immediate updates on the status of your safety tests and be informed of any status changes
  • Security Reports:  HydraVision produces detailed and insightful security reports that provide a comprehensive overview of test results, vulnerabilities and security gaps 
  • Testcase Editor: Easily create, modify and customize test cases to ensure they cover the unique requirements of your system and organization 
  • User- & Group Management : Assign roles based on responsibilities, control access to system relevant data, and optimize collaboration within the security testing environment
  • CI/CD Integration: Seamlessly integrate HydraVision into your CI/CD pipeline and automate security testing processes to identify vulnerabilities early in the lifecycle

Applications

  • Embedded Systems
  • Automotive Systems
  • Industrial Systems
  • Aviation & Aerospace Systems
  • Maritime Systems
  • Defense Systems
  • IoT (Internet of Things) Devices
  • Medical Devices

V-Model

Benefits for Project Managers:
  • Verification and validation of security functions 
  • Time- & cost-saving
  • Easy User Management
  • Status & Reports
Benefits for Developers:
  • Rapid detection through logfiles
  • Immediate feedback after fixes
  • A-Spice conformity
Benefits for Testers:
  • Overview over all DUTs and Projects
  • Debugging functions against target
  • Testcase Editor
  • Intuitive IDE 
Benefits for Serial Support:
  • New threats are automatically reported by third parties (e.g. Auto-ISAC & ASRG)
  • Continuous supervision
  • UNECE conformity

Protocols & Interfaces

  • UDS
  • GMLAN
  • DoIP
  • TCP
  • UDP
  • IPv4 & IPv6
  • DHCP
  • DNS
  • HSFZ
  • SOME/IP
  • UART
  • XCP
  • CAN + CAN FD
  • (Automotive) Ethernet
  • UDP
  • JTAG
  • OBD
  • GPIO

Validation & Security Testing

HydraVision is a robust security validation and testing solution, comprising four integral layers to fortify digital defenses: 

Commencing with interface-level tests, HydraVision scans low-level drivers for potential vulnerabilities. The second layer involves comprehensive testing of protocols, assessing their robustness and identifying potential weaknesses. Additionally, HydraVision introduces fuzzing techniques to enhance the precision of security evaluations.

The third layer encompasses the evaluation of complex security controls and functions, ensuring a comprehensive examination of the system’s defensive capabilities. 

Finally, HydraVision addresses the tip of the cybersecurity iceberg by providing dedicated security tests for known Common Vulnerabilities and Exposures (CVEs), fortifying the system against identified threats. 

This multifaceted approach positions HydraVision as a feature-rich library, offering automation for security tests across diverse levels, effectively safeguarding against a spectrum of potential risks.

Customer journey

By combining penetration testing with our HydraVision PaaS you can continuously evaluate the integrity and security of a given system. Whether you’re in development or at the very end of the product life cycle. The image below describes the usual order of events in this case:

*product specifications and features are subject to change without prior notice as we continuously strive to improve our products