asvin and IoT Inspector announce collaboration

Protection against cyberattacks in the Internet of Things

  • Cybersecurity start-up asvin and firmware specialists IoT Inspector agree to partnership
  • Increasing number of connected devices requires security measures along the entire software supply chain
  • asvin and IoT Inspector unveil first joint cybersecurity concept at Mobile World Congress in Barcelona

Stuttgart/Barcelona, 28.02.2022: This year’s Mobile World Congress will once again be dominated by the topic of connectivity. Not without reason: According to McKinsey’s estimates, the Internet of Things could create global economic added value of up to 13 trillion US dollars in 2030. A growth that, in addition to a multitude of new functionalities and enrichments in everyday life, also brings with it many potential security threats: every network device, whether in a private environment or an industrial context, will sooner or later require maintenance and security updates. The Stuttgart-based company asvin and the firmware specialists from IoT Inspector have set themselves the goal of accompanying this process securely with their solutions. At the MWC, the companies are not only announcing their partnership: They will be demonstrating for the first time in Barcelona at the joint Baden-WĂĽrttemberg/Hesse stand in Hall 7 Stand 7B70 how the right cybersecurity concepts can significantly reduce security risks in IoT and the industrial environment.

Secure software supply chains offer protection against cyber attacks

Industrial assets are increasingly interconnected via mobile devices such as sensors and cameras. Companies are required to counter threats such as ransomware or hacker attacks with effective security measures. Operators of critical infrastructures are also required by law to ensure the authenticity and confidentiality of software along the value chain and to protect sensitive data. Two companies dedicated to this mission are Stuttgart-based asvin GmbH and DĂĽsseldorf-based IoT Inspector GmbH.

“Companies can no longer afford to leave security vulnerabilities open to hacker attacks. The threat of cyberattacks is continuously increasing. Not only industrial equipment, but also any IoT device poses a potential security risk. We are proud to have IoT Inspector, an experienced firmware specialist, as a partner at our side. Together, we provide future-oriented solutions that are needed to holistically protect software supply chains,” explains Mirko Ross, CEO of asvin.

“The demand for security compliance in the IoT requires a risk assessment based on regulations and conformities of the specific industries. We partner with asvin to automatically detect vulnerabilities and security risks and prevent third-party access. Software that does not pass our vulnerability check is not installed in the first place,” says Jan Wendenburg, CEO of IoT Inspector.

asvin traces the origin of software. It’s an approach that has long been common in supply chains of physical goods. The goal is to increase the security and traceability of software supply chains in the Internet of Things, from development, through testing, quality management, implementation and updates. The Stuttgart-based company provides customers with a directory of all software that shows which software is installed where. IoT Inspector’s firmware analysis solution automatically detects vulnerabilities and security risks before they can be exploited by third parties. IoT Inspector provides the previously missing proof, the so-called Software Bill of Material, which provides information about the components used in software solutions. Together, the solutions from both companies sustainably increase protection against malware attacks along software supply chains and protect sensitive data. They ensure that only software that has been verified and checked is installed. asvin provides detailed information here, transparently, traceably and decentrally organized in the blockchain.

The solutions from asvin and IoT Inspector seamlessly intertwine

First, the software is created, then it goes through quality inspection and is subsequently tested. IoT Inspector checks the software for existing vulnerabilities and outside attacks and only releases the software if it is harmless. This is where asvin’s blockchain-based solution comes into play by documenting the entire supply chain of the software. The software, which has now been checked and deposited in the registry, reaches the end device by means of wireless updates. Any manipulative attack on the software supply chain is traceable and leads to countermeasures.

About asvin
Founded in 2018, asvin GmbH develops open source applications for the IoT. The solutions monitor the software status of networked devices, close security gaps and document tamper-proof updates. With asvin’s offering, individual update rollout plans are possible, as is the automatic execution of rapid security updates in the event of a crisis. The solutions are offered as Software-as-a-Service (SaaS), are easy to use and cost-effective. More information is available at www.asvin.io, on Twitter and LinkedIn.
Press contacts: Stefanie Herrnberger, Head of Sales & Marketing, s.herrnberger@asvin.io
BCW GmbH: asvin@bcw-global.com

About ONEKEY

ONEKEY is the leading European specialist in Product Cybersecurity & Compliance Management and part of the investment portfolio of PricewaterhouseCoopers Germany (PwC). The unique combination of an automated Product Cybersecurity & Compliance Platform (PCCP) with expert knowledge and consulting services provides fast and comprehensive analysis, support, and management to improve product cybersecurity and compliance from product purchasing, design, development, production to end-of-life.

Critical vulnerabilities and compliance violations in device firmware are automatically identified in binary code by AI-based technology in minutes – without source code, device, or network access. Proactively audit software supply chains with integrated software bill of materials (SBOM) generation. “Digital Cyber Twins” enable automated 24/7 post-release cybersecurity monitoring throughout the product lifecycle.

The patent-pending, integrated Compliance Wizard™ already covers the upcoming EU Cyber Resilience Act (CRA) and existing requirements according to IEC 62443-4-2, ETSI EN 303 645, UNECE R 155 and many others.

The Product Security Incident Response Team (PSIRT) is effectively supported by the integrated automatic prioritisation of vulnerabilities, significantly reducing the time to remediation.

Leading international companies in Asia, Europe and the Americas already benefit from the ONEKEY Product Cybersecurity & Compliance Platform and ONEKEY Cybersecurity Experts.

 

CONTACT:

Sara Fortmann

Marketing Manager

sara.fortmann@onekey.com

 

euromarcom public relations GmbH

+49 611 973 150

team@euromarcom.de