Talk to an expert
Talk to an expert

Automotive

OEMs, manufacturers, suppliers, ECUs

One vehicle, 150 ECUs. A single one can compromise everything.

494 documented incidents in 2025, 44% of them ransomware. JLR: £1.9B in damages in September 2025. R155 blocks EU type approval without cybersecurity compliance. Vehicles are cyber-physical systems where one embedded vulnerability affects millions of units via an OTA update.

1
Documented automotive cybersecurity incidents in 2025 (Upstream Security)
1 %
Of 2025 incidents are ransomware (a doubling vs 2024)
R 1
EU type approval impossible without demonstrated cybersecurity compliance
1 %
Of 2025 attacks carried out remotely, with no physical access to the vehicle

A CYBER-PHYSICAL SECTOR UNDER FIRE IN 2025

JLR, Stellantis, CDK: a coordinated wave in September 2025
The HELLCAT, ShinyHunters and BlackCat groups targeted the automotive ecosystem simultaneously. CDK Global 2024: 15,000 US dealerships paralyzed. The automotive digital supply chain is systemically exposed via shared providers.
A compromised OTA pipeline = millions of vehicles affected
OTA updates reach an entire fleet simultaneously. An unsecured pipeline allows malicious code to be deployed on millions of vehicles. Signing, channel encryption, in-ECU verification — rarely audited in depth.
Command injection with no native authentication
The classic CAN bus has no authentication. Access to the bus allows injection of arbitrary commands: brakes, engine, steering. AUTOSAR SecOC is the answer — but its implementation is rarely tested offensively.
Type approval blocked without demonstrated cybersecurity
R155 mandates a cybersecurity assessment for any new vehicle type in the EU, UK, Japan and Korea. ISO 21434 is the implementation standard. Its real application requires technical audits — not checklists.

OUR SERVICES

QREDTEAM

ADVERSARY SIMULATION

  • Full-vehicle Red Team — OTA, CAN, infotainment, V2X, telematics
  • Pivot simulation from infotainment to critical ECUs (brakes, steering, engine)
  • OTA-pipeline security testing — signing, distribution channel, ECU verification
  • Red Team of the production infrastructure and Tier-1/2 supply chain
  • EV charging-station pentest (OCPP, EVSE) — firmware injection, escalation.
Discover QRedTeam

QLAB

DEEP SECURITY RESEARCH

  • ECU firmware reverse engineering (Bosch, Continental, Denso, NXP) without sources
  • JTAG/UART hardware analysis on ECUs — key extraction, debug interfaces
  • 0-day research on CAN, Automotive Ethernet, UDS and DoIP protocols
  • Audit of AUTOSAR SecOC implementation and OTA security mechanisms
  • Component supply-chain audit — backdoors in Tier-2/3 firmware.
Discover QLab

QSHIELD

SOFTWARE PROTECTION

  • Protection of ECU firmware against competitor and nation-state reverse engineering
  • Anti-cloning for suppliers exporting to risky markets
  • IP protection of ADAS, autonomous-driving and battery-management algorithms
  • Obfuscation of software-defined features and licensing systems
  • Protection of EV charging-station firmware against extraction and fraudulent modification.
Discover QShield

DIFFERENTIATOR QUARKSLAB

Traditional automotive testing is functional — not offensive. Quarkslab brings the depth R155 truly requires: ECU firmware reverse engineering without sources, CAN-protocol exploitation, JTAG/UART hardware audit. QShield protects your ADAS IP against competitor reverse engineering — an absolute differentiator that no traditional automotive-testing player can offer.

WHAT WOULD WE SAY TO EACH OTHER, FACE TO FACE

Have your ECUs been audited with the techniques an attacker would actually use to compromise them?

R155 compliance tests check boxes. Offensive automotive red teams — the ones that genuinely try to compromise the vehicle by exploiting firmware vulnerabilities — are a whole other discipline. JLR thought its defenses were sufficient in September 2025.

Beyond the compliance checklist
We audit your ECUs with the techniques an adversary would use — not the minimal R155 tests. The difference between passing the audit and being genuinely protected.
Without source access — like an attacker
We reverse-engineer your ECU firmware without source code. And we tell you what a hostile researcher would find in it.
The riskiest pipeline — the entire fleet
A compromised OTA reaches your whole fleet simultaneously. We test the entire pipeline.
Your algorithms, tamper-proof
QShield protects your ECU firmware. Your ADAS algorithms remain your exclusive property.
Our publications & CVEs
Assess your real compliance