NCC Group’s dedicated Transport Assurance Practice provides support to Automotive, Maritime, Aerospace and Rail clients across the globe.
NCC Group is a global expert in cyber security and risk mitigation, working with businesses to protect their brand, value and reputation against the ever-evolving threat landscape.
NCC Group’s transport assurance practice blends together the extensive offerings across the business and utilises industry specific experts to provide the very best cyber security, functional testing and escrow services to our clients. The dedicated practice provides support to customers in the automotive, maritime, aerospace and rail sectors across the globe.
The goal of the Transport Assurance Practice is to develop a partnership which can be relied upon to enable your business to grow and succeed.
The cyber security division provides a strategic approach that aligns with every stage of the Secure Development Lifecycle. This allows us to provide the full range of security assurance services, from a team of over 500 consultants, at each stage of the development lifecycle and ensures that system-level attack points are recognised. Based on the expert remediation advice, departments within the organisation can then work together to implement any recommended countermeasures.
The software testing division provides a professional, tailored service with a flexible delivery model that ensures that the software functions as designed and meets the requirements of the users. Our Testing Solution Architects work with customers to identify the best solution for their needs, in line with their quality ambitions. The Transport Assurance Practice provides our clients with access to a pool of over 300 highly-qualified software testing professionals to deliver our services onsite or from our dedicated testing facilities. The specialised services we offer ensure that our customers’ investment in testing provides value and delivers a clear perspective on product quality.
Escrow & Verification
Our Escrow services provide a formalised legal framework whereby a copy of the source code behind critical applications is held securely with both the end user and supplier’s agreement, ensuring that the material can be accessed and released should the need arise.
Verification services provide the assurance that the maintenance of the source code can be taken over and that the application can be effectively rebuilt into a working system.
The Transport Assurance Practice works with the application owner to identify and verify the various components which should be placed into escrow and undergo verification testing. Through working directly with the owner we advise on the best practice approach to safeguarding the application or system in question.
Secure Development Lifecycle (SDL)
The concept of the Secure Development Lifecycle (SDL) forms the core of our services within the Transport Assurance Practice. It provides security assurance at each stage of the development lifecycle for systems and components and the approach ensures that system-level attack points are recognised and departments within an organisation can agree upon who implements each countermeasure.
Clearly some vehicle manufacturers and suppliers already perform security assurance activities within their business; therefore a first step is often to perform a gap analysis in order to identify which stages of the SDL are missing and where additional help is required.