Security Consulting Services

Mastering Security for your Embedded Products and Systems

Consulting – expertise – audit – tests – Training

SERMA Security Consulting teams offer solutions adapted to each industrial challenge, from a focused support to the global solution. Our experts provide a unique and multisectoral expertise and can help you for every step of your product’s lifecycle.

Securing your embedded products and systems is a great industrial challenge:

  • Products are connected to the open world
  • Products are designed and manufactured in a connected environment

Embedded systems match public technologies more and more, with its associated risks:

  • Denial of service
  • Integrity affection
  • Data compromise

You have to protect the assets of your customers, but also yours, prove and guarantee a secure functioning to your customers and ensure the integrity for your product / system.


 

Based on their knowledge of schemes and standards, our experts help you define the correct security target, depending of:

  • The current security assessment level
  • The criticality of the system
  • Security criteria
  • Affordable expenses

 

SSAL1: Fighting against non-expert attacks, with basic equipment

  • Objectifs de sécurité informels : montée en compétence des équipes, tests de pénétration, …
  • Référentiels ciblés : guides ANSSI, méthode EBIOS

SSAL2: Fighting against security specialist attacks, with basic equipment

  • Objectifs de sécurité élémentaires : évaluation de sécurité de premier niveau, formalisation technique / fonctionnelle / organisationnelle du système, …
  • Référentiels ciblés : SSAL1, CSPN, ISO 27000

SSAL3: Fighting against security specialist or skilled hacker attacks, with enhanced equipment

  • Objectifs de sécurité standards : démarche de sécurité forte (type Critères Communs EAL3+), homologation « Diffusion Restreinte », …
  • Référentiels ciblés : SSAL2, CC, I.I 901

SSAL4: Fighting against State-level or security lab attacks, with bespoke equipment

  • Objectifs de sécurité renforcés : démarche de sécurité soutenue (type Critères Communs EAL4+), homologation « Défense » / OTAN / EU, …
  • Référentiels ciblés : SSAL3, CC, I.G.I. 1300

 

Serma-security