Threat Modeling
Identification and elimination of security vulnerabilities in product design using Threat Modeling
Our portfolio in the area of Cyber Security
Secure Architecture
Architectural design based on best practices, Threat Modeling, and the application of Defense-in-Depth and Zero-Trust concepts
Compliant Documentation
A compliant documentation is essential for product approval
Secure Development Environment
Ensuring that work is performed in a secure development environment with a secure configuration
Secure Coding
Application of best coding practices and techniques, input validation, and tool monitoring during software implementation
Vulnerability Testing and Fuzz Testing
Verifying the robustness, resilience, and integrated security mechanisms of the product
Vulnerability Monitoring
Ensuring that the product is delivered without publicly known vulnerabilities. Monitoring continues throughout the entire product life cycle
The goal of cyber security is always to maintain the Confidentiality, Integrity, and Availability of assets. Using the “Security by Design” approach, cyber security is an integral part of the product development process at konplan. The various security aspects are considered throughout the entire development cycle, including:
- Security Requirements and Controls
- Threat Modeling (STRIDE, Attack Trees, OWASP)
- Secure Architecture und Interoperability
- Secure Coding
- Static Code Analysis
- Software Bill of Materials (SBOM)
- Vulnerability Testing / Fuzz Testing
- Penetration Testing (external partner)
This ensures that products are not only functional but also resilient to threats. konplan is competent in multiple industries and understands the applicable regulations and security standards for conformity assessment, e.g.:
- Cybersecurity requirements for products with digital elements (CRA): EN 40000
- Medical Devices (MDR, IVDR, FDA): IEC 81001-5-1, FDA Guidance
- Electrical and Mechanical Engineering (MVO, LVD, CRA): IEC 62443
- Consumer Products (LVD, CRA): ETSI EN 303 645
- Radio Equipment (RED): EN 18031
For product approval, konplan creates technical documentation in accordance with the applicable security standards.
We are here for you – send us your request!
Developing together! We put your ideas into practice and accompany your projects until they are ready for the market. Get in touch with our experts now.
Learnings
References
Secure firmware over-the-air update for sterilizers and cleaning devices
A feasibility study provided Belimed with a comprehensive view of the architecture and implementation of the secure firmware over-the-air update feature for the current system.
Product Life Cycle
