At Torc, safeguarding safety-critical programs from evolving cybersecurity threats isn’t only a precedence—it’s a core
mission.
On the helm of this mission is Michael Maass, the Director of Product Cybersecurity and Principal Product
Cybersecurity Architect, whose profession displays a deep dedication to constructing safe applied sciences, robust groups,
and forward-thinking technique.
A Profession Rooted in Cybersecurity Excellence
Michael brings over 20 years of cybersecurity expertise to the desk—17 of these spent particularly on
securing corporations, merchandise, and safety-critical programs. His background bridges the technical and strategic:
from writing low-level software program in x86 meeting, C/C++, and Java, to main cross-functional safety groups
and creating methods to construct safety into merchandise.
All through his profession, Michael has helped corporations undertake cutting-edge practices that meet each technical and
compliance necessities. His ardour lies in some of the advanced and essential areas of recent
know-how: creating safe, safety-critical cyber-physical programs that may stand as much as real-world threats
and regulatory scrutiny.
Constructing Safe Groups and Tradition
Michael’s management extends past know-how. He’s spent years constructing and nurturing top-tier cybersecurity
groups within the automotive area, guaranteeing they not solely have deep technical abilities but additionally perceive the
broader affect of their work. His skill to speak with executives, regulators, and exterior stakeholders
makes him a uncommon bridge between engineering and compliance—a necessity in immediately’s high-stakes
cybersecurity atmosphere.
Main Cybersecurity at Torc Robotics
At Torc, Michael wears two hats: he acts as each Principal Product Cybersecurity Architect and the Director of
Product Cybersecurity. In these roles, he leads efforts to embed cybersecurity into each stage of product
improvement for autonomous autos—programs that should function safely and securely within the unpredictable actual
world.
His management ensures that cybersecurity is an integral a part of a product’s full lifecycle, starting from inception
to product retirement.
Penetration Testing: Purple Teaming for the Proper Causes
One of many key instruments in Michael’s cybersecurity arsenal is penetration testing—a method that simulates real-
world assaults so as to discover and repair vulnerabilities earlier than dangerous actors can discover and exploit them.
“Penetration testing is basically the place somebody with hacking abilities applies these abilities to a specific goal,
with the aim of effectively discovering vulnerabilities and figuring out hardening alternatives,” Michael explains.
Penetration testing is a course of inside the A Versatile Cybersecurity Growth Lifecycle (AVCDL), an open
supply doc set crafted by Charles Wilson, Cybersecurity Architect at Torc, Michael, and cybersecurity
engineers at Torc and different corporations, to be used by the autonomous car business and some other creating
safety-critical cyber bodily programs. This structured lifecycle ensures that each side of the product, from
{hardware} to software program, is rigorously vetted for cybersecurity dangers and people dangers are addressed.
Penetration testing is only one a part of a broader cybersecurity technique. Whereas penetration testing is commonly
spotlighted as a result of it’s thrilling and accessible, it’s essential to notice {that a} safe cybersecurity platform
features a complete set of practices. Many of those, whereas equally important, are much less identified until you’re
deeply immersed within the area.
Nonetheless, penetration testing stands out as an illustrative instance of how Torc’s structured lifecycle ensures that
each side of an autonomous car product—from {hardware} to software program—is rigorously vetted for
cybersecurity dangers.
Contained in the Penetration Testing Course of
As Michael says, no two penetration exams are the identical, however most comply with six common steps:
- Pre-Engagement: Outline the goal, set aims, and set up boundaries.
- Reconnaissance: Collect knowledge on the system utilizing each passive and lively strategies.
- Risk Simulation: Emulate the ways of real-world menace actors.
- Exploitation: Try and breach the system, figuring out weak factors.
- Evaluation: Assess findings and potential enterprise affect.
- Reporting & Suggestions: Share outcomes and collaborate on mitigation methods.
In a real-world instance of a penetration take a look at on a lidar system, Michael shared that security and safety go
hand-in-hand. Each parts should work collectively to make sure the energy of a system. Throughout this specific
lidar take a look at, Michael identified that analog assaults, whereas dangerous, aren’t essentially as impactful as system-level
exploits.
Michael’s Imaginative and prescient for Safe Autonomy
Michael’s final aim is to create know-how that’s safe, dependable, and compliant—all whereas enabling
innovation. His work ensures that Torc’s programs are prepared not only for immediately’s challenges, however that the bigger
autonomous car business is able to face tomorrow.
As Michael says, a rising tide lifts all boats. At Torc, that philosophy is core to how cybersecurity is
approached—not simply as a aggressive benefit, however as a shared duty throughout the business. That’s why
Torc is pushing ahead with instruments just like the AVCDL. By making this framework seen and accessible, Torc goals to
assist everybody construct safer, safer, and extra compliant merchandise.
“I’m enthusiastic about creating safe, safety-critical programs that steadiness innovation with acceptable
legal responsibility and compliance,” he says. In an business the place belief is every little thing, that mission is extra important than ever.
With a long time of expertise and a ardour for securing the way forward for mobility, Michael Maass helps to
form the subsequent technology of cybersecurity in autonomous autos. By means of strategic management, technical
experience, and a dedication to continuous enchancment, he’s guaranteeing that Torc stays forward of the curve—
preserving programs protected, safe, and prepared for the highway forward.
