Embedded Computers ...

... run essential processes we rely on:

energy and utilities, industrial production and mobility.

Cyber Threats ...

... endanger the integrity, reliable operation, safety and information security of critical processes.

ProtectEM ...

... offers guidance and holistic solutions to defend against cyber threats and ensure reliable and stable products and operations.

About ProtectEM

We provide cyber security guidance and solutions to customers in the areas of industrial operations, industrial automation, machine building, manufacturing, energy generation and distribution as well as automotive and other embedded systems. As consultants we guide you through the entire security life cycle process starting from the initial risk assessment and the subsequent definition of a cyber security roadmap with derived actions. We can help you to implement these actions and sustain the improvements. We audit and certify the security for automation systems and components according to the latest standards most notably IEC 62443. As it is not merely enough to look at product security, we also help to implement security by design procedures in your R&D organization. Our embedded cyber security technologies like intrusion detection, communication security and secure embedded system architectures may assist you to a headstart and competitive advantage when you take on security leadership in your business segment.

Get in Touch

The Cyber Security Plan-Do-Check-Act Cycle.

Plan: Risk Analysis

Assess risks using a Cyber-FMEA process.

Threats are rated by their likelihood and detectability. The impact of a realized threat is assessed as damage severity. A ranked risk report is generated.

The risk report is the basis for deriving measures to mitigate the risks. The ranking gives guidance to prioritize measures. Low hanging fruits are identified. Managers and specialists acquire a better understanding and confidence for handling cyber security.

Next Step: Do →

Do: Risk Mitigation

Establish a consistent security level.

Security is merely as good as the weakest link. Only a holistic approach will therfore succeed. Based on the prior risk analysis a security roadmap is planned and implemented. Actions typically comprise staff and management training, processes, guidelines and procedures as well as technical measures.

For industrial and embedded security the IEC 62443 has become the accepted global standard. Together with ISASecure, BSI Grundschutz, OWASP and other current and evolving security frameworks it provides reference and guidance for chosing relevant and efficient actions for better security.

Next Step: Check ↓

Act: Continuous Improvement

Enforce, maintain and monitor.

Changes and improvements in processes have to gain traction and consolidate. Product design changes need to prevail as security by design principles. New threats evolve and require responsive action.

Cyber security becomes a continuous undertaking. The cyber security Plan-Do-Check-Act cycle is used determine and carry out incremental changes on a regular basis.

Next Step: ↑ Plan

Check: Quality Assurance

Review and assess that measures are effictive.

QA is a key element of any cyber security program. Perform a cyber security audit to assure your actions have the desired effect. An audit according to IEC 62443 provides objective and measurable feedback and is required to assure that the desired security levels have been achieved.

An audit certificate demonstrates to customers and partners as well as your own management and staff that cyber security is taken seriously. It becomes a competitive advantage now but may very well be a basic requirement not long into the future.

Next Step: Act ←

Prof. Dr. Andreas Grzemba

Andreas has been strongly involved in shaping today's landscape of automotive and building automation communication systems. He is author of several books on automotive networks and numerous papers. As Vice President of Applied Research and Technology Transfer at Deggendorf Institute of Technology he is instrumental in driving the university's technology and innovation strategies. As managing partner he drives ProtectEM's operations and technology strategy.

 

 

Prof. Dr. Peter Fröhlich

Peter has held management and executive positions with key players in industrial automation and industrial networking. His visions and strategic drive have helped employers and clients to advance their innovation leadership positions. Peter teaches embedded systems and innovation management as dean of the mechanical enginering and mechatronics department at  Deggendorf Institute of Technology. As managing partner Peter accounts for ProtectEM's sales, marketing and finances.

 

 

 

Strong Technology Partner: Deggendorf Institute of Technology

Logo of Deggendorf Insitute of TechnologyProtectIT, a DIT institute, is ProtectEM's strong partner for applied research with focus on industrial cyber security. ProtectIT works with research partners on latest cyber security technologies, like anomaly detection and specifically intrustion detection, trusted computing and secure platforms, protection of communication links against tampering and evesdropping. ProtectEM was founded by the same group of cyber security experts that has initiated ProtectIT. Both team up to provide the latest in technology, realible guidance and efficient solutions to partners and customers.