Quantum-safe from silicon to system
Four service areas covering the complete automotive PQC migration, from binary audit through certified AUTOSAR middleware deployment.
Know your exposure before the audit
CryptoBOM scans ECU firmware binaries and produces a structured Cryptographic Bill of Materials. Every ECDSA P-256, RSA-2048, and SHA-1 instance is located to binary address, classified by post-quantum risk severity, and mapped to its NIST FIPS 203 or 204 replacement path.
CryptoBOM supports ELF, Intel HEX, S-record, and raw binary formats. Available in a limited evaluation edition and a full enterprise edition with fleet-wide batch scanning, AUTOSAR ARXML parsing, and TISAX-formatted audit reports.
- Binary formats: ELF · Intel HEX · S-record · raw .bin
- Output: JSON + Excel (TISAX-ready) + UNECE R155 evidence
- Editions: Limited evaluation · Enterprise (unlimited scans + audit reports)
The TARA methodology your auditors are starting to ask about
ISO/SAE 21434 TARA was finalised before NIST published its post-quantum standards. The quantum-capable nation-state adversary does not appear in most current automotive TARAs. We add it, with the correct asset categories, threat scenarios, and risk treatment options mapped to FIPS 203/204 migration paths.
- TARA document: quantum threat actor profile (QCNS) added
- CryptoBOM Excel: crypto asset inventory for all scanned ECUs
- Remediation roadmap: FIPS 203/204 migration by ECU priority
- UNECE R155 evidence package: ready for annual review
- Executive summary: 2-page briefing for programme management
Engagements from £15,000. 4–8 week delivery.
First assessment slots available. Contact us to scope.
Crypto Inventory
CryptoBOM scan of all ECU firmware binaries. Every classical algorithm located, classified, and logged.
Quantum Threat Profiling
Quantum-capable nation-state (QCNS) adversary profile constructed and integrated into the threat landscape.
Risk Assessment
ISO/SAE 21434 TARA with post-quantum findings. Asset categories, damage scenarios, and risk values updated.
Compliance Report
UNECE WP.29 R155 annual review evidence package. Deliverables reviewed and signed off with your team.
ML-KEM and ML-DSA as native AUTOSAR Crypto Driver modules
The AUTOSAR integration layer that silicon vendors, algorithm libraries, and standards bodies don't provide.
AUTOSAR Conformant
CSM/CryIf/Crypto Driver architecture. ARXML descriptors for Vector DaVinci Developer and EB tresos. Plug-in to existing AUTOSAR Classic BSW stacks with no architectural change.
Safety Certified
ISO 26262 ASIL-B certification path active. MISRA C:2012 compliant. NIST FIPS 203/204 Known Answer Test (KAT) validated. Documented safety analysis and FMEA on completion.
Multi-Platform
Target automotive MCU families:
- NXP S32K344 — Cortex-M7, 160 MHz
- STM32H573 — Cortex-M33, 250 MHz
- Infineon AURIX TC397 — TriCore (planned Q4 2026)
Your migration is only as good as your last test
We test automotive systems specifically for post-quantum cryptographic weaknesses. Not TLS configuration. Not certificate expiry. We look at whether the algorithms your system uses will survive a cryptographically relevant quantum computer, and whether your migration has actually closed the exposure.
Engagements from £20,000.
Firmware signing algorithm, TLS cipher negotiation, manifest signature verification, update server PKI.
Digital key pairing ceremony, TPMS encryption, keyless entry. Algorithm classification and HNDL exposure window assessment.
BSM signing algorithm, SCMS certificate chain quantum-readiness classification.
TCU TLS cipher suite, certificate chain algorithm, backend PKI. HNDL exposure window assessment.
Not sure which service fits your programme?
A 30-minute conversation is free and no-obligation.