Cybersecurity

Your project in the hands of recognized cybersecurity experts

/ Expertise / Cybersecurity

Design, develop & manufacture communication products in connected factories

The challenge of cybersecurity with several dimensions

The pandemic has accelerated the digital transformation already underway for several years. Among the sectors of activity, industry is particularly affected by this transformation with the Factory of the Future. This new vision of the industrial sector opens up the possibilities with great technological reinforcement: with more automated, more connected factories, the multiplication of sensors, robots and cobots, the cloud, real-time data processing, machine learning or intelligence artificial. Technologies that give shape to the IIOT – Industrial Internet Of Things – and make the factory of the future a reality.

This development calls for another: with the proliferation of IT systems alongside OT systems (Operational Technology, industrial equipment), the industrial system is more exposed to cyber threats. ACTIA, an industrial company, took the measures of these risks by implementing a global approach and solutions to secure its entire ecosystem (infrastructure, on -board systems, personal, third -party organizations, …).

Indeed, beyond the technical security aspects of ACTIA’s production environment, meeting these challenges requires addressing cybersecurity more broadly, at the level of business processes, people, supply chains, etc.

Beyond the protection objective, ACTIA incorporates cybersecurity as a strategic axis of its development, as a pillar of its on -board systems, as a condition for the success of its factory of the future, and integrating it into the sheet on the road to its innovations.

The group has put itself into battle order to treat cybersecurity as a condition for the success of its Factory of the Future and a guarantee of the reliability of its on-board systems.

When vehicle architecture connectivity and complexity lead to cyberrisks vulnerabilities

To improve performance and productivity, agricultural and construction machinery is increasingly integrating VtoX functions. The connectivity of these special vehicles is developing to accompany major innovations. In the agricultural sector, for example, new technologies have been deployed for self-steering tractors, robotized milking, drone surveillance of fields, or automatic temperature control in soil-less farms… all at the heart of increasingly complex and connected ecosystems.

This context increases vulnerabilities in terms of cyberattacks. ACTIA, a specialist in connected embedded systems, is particularly involved and active in the management of these vulnerabilities by integrating cybersecurity issues at a very early stage and throughout the life cycle of its products.

ACTIA participates in the definition of cybersecurity norms and standards

ACTIA’s experts are involved in the definition and writing of ISO / SAE 21434 standards concerning road vehicles cybersecurity, as well as in the UNECE WP29 regulations on cybersecurity and software updates for road vehicles. Thanks to this early involvement, ACTIA knows how to integrate the latest standardization requirements.

ACTIA also has experience in the certification of products according to the Common Criteria for Information Technology Security (ISO 15408), up to the EAL4+ level, in order to support its customers and partners throughout the life cycle of products and services.

ACTIA integrates cybersecurity at each step of the products and services life cycle

For each of its products and services, ACTIA assesses the level of cybersecurity to be implemented according to a method based on the ISO SAE 21434 standard. Applied throughout the life cycle, this method allows to manage risks that evolve over time. This methodology is essential to secure the products and services offered by ACTIA as well as, more broadly, the systems that embed these products and services. Beyond a proven and standardized method in a normative environment, each cybersecurity system is unique. Its relevance and efficiency rely on a close collaboration and partnership between ACTIA and each of its customers to properly assess and reduce risks at each stage.

During the tender phase, ACTIA assists its customers in defining their cybersecurity strategy. In particular, we evaluate the security of the product architecture according to the customer’s specifications as well as the compliance with regulations or standards (such as RGPD, UN-ECE regulations, ISO SAE 21434).

The design and development phase integrates all the best practices provided by the ISO SAE 21434 standard. ACTIA has mapped the cybersecurity activities and requirements in the product design and development process.

Software activities are subject to particularly demanding processes:

Use of an HSM (Hardware Security Module), to verify the authenticity and integrity of the executable software at product start-up (secure boot), for storing encryption keys, generating random numbers and performing encryption operations;
Secure software updates;
Disabling of debugging interfaces;
Mutual authentication between the product and remote servers;
Encryption of communications.

In the production phase and throughout the life of the product : ACTIA offers a secure and ISO 27001 certified production environment (Colomiers industrial site in France) and is able to ensure the maintenance of the cybersecurity of its products throughout their use and this in a contractual way.

A team entirely dedicated to product security

A dedicated team ensures that cybersecurity requirements are integrated and managed throughout the product and service life cycle. Particular attention is paid to telematics products, which are particularly sensitive, and for which ACTIA offers enhanced customer support. For example, the TGU-R telematics unit, dedicated to the special and commercial vehicles market, is accompanied by a « cybersecurity manual ». This manual enables customers to develop their applications independently and in compliance with the product’s security constraints.

For each project, ACTIA appoints a project manager dedicated to cyber security. This expert competence organizes the collaborative work on risk assessment and compliance with the various requirements.

ACTIA integrates security throughout its organization

Within the organization, a team manages the Information Security Management System (ISMS). This is a multidisciplinary team that manages the security of the company’s information, data and equipment: from purchasing to human resources, including development, maintenance, etc. These experts define, deploy, verify and improve the information security policy.

At the international level, ACTIA entities are ISO 27001 certified or in the process of certification. ISO 27001 certification actions and the deployment of various cybersecurity standards, in particular ISO/SAE 21434, are carried out collectively at group level by optimizing synergies and sharing opportunities.

For further inquiries on the service send us your message. Our team is at your service to answer as soon as possible to your questions.

Cookie	Durée	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.