At Torc, safeguarding safety-critical methods from evolving cybersecurity threats isn’t only a precedence—it’s a core
mission.
On the helm of this mission is Michael Maass, the Director of Product Cybersecurity and Principal Product
Cybersecurity Architect, whose profession displays a deep dedication to constructing safe applied sciences, sturdy groups,
and forward-thinking technique.
A Profession Rooted in Cybersecurity Excellence
Michael brings over 20 years of cybersecurity expertise to the desk—17 of these spent particularly on
securing corporations, merchandise, and safety-critical methods. His background bridges the technical and strategic:
from writing low-level software program in x86 meeting, C/C++, and Java, to main cross-functional safety groups
and growing methods to construct safety into merchandise.
All through his profession, Michael has helped corporations undertake cutting-edge practices that meet each technical and
compliance necessities. His ardour lies in one of the crucial complicated and essential areas of contemporary
expertise: growing safe, safety-critical cyber-physical methods that may stand as much as real-world threats
and regulatory scrutiny.
Constructing Safe Groups and Tradition
Michael’s management extends past expertise. He’s spent years constructing and nurturing top-tier cybersecurity
groups within the automotive area, guaranteeing they not solely have deep technical abilities but in addition perceive the
broader affect of their work. His potential to speak with executives, regulators, and exterior stakeholders
makes him a uncommon bridge between engineering and compliance—a necessity in right now’s high-stakes
cybersecurity setting.
Main Cybersecurity at Torc Robotics
At Torc, Michael wears two hats: he acts as each Principal Product Cybersecurity Architect and the Director of
Product Cybersecurity. In these roles, he leads efforts to embed cybersecurity into each stage of product
improvement for autonomous automobiles—methods that should function safely and securely within the unpredictable actual
world.
His management ensures that cybersecurity is an integral a part of a product’s full lifecycle, starting from inception
to product retirement.
Penetration Testing: Purple Teaming for the Proper Causes
One of many key instruments in Michael’s cybersecurity arsenal is penetration testing—a way that simulates real-
world assaults with a view to discover and repair vulnerabilities earlier than unhealthy actors can discover and exploit them.
“Penetration testing is actually the place somebody with hacking abilities applies these abilities to a selected goal,
with the aim of effectively discovering vulnerabilities and figuring out hardening alternatives,” Michael explains.
Penetration testing is a course of inside the A Versatile Cybersecurity Growth Lifecycle (AVCDL), an open
supply doc set crafted by Charles Wilson, Cybersecurity Architect at Torc, Michael, and cybersecurity
engineers at Torc and different corporations, to be used by the autonomous car business and another creating
safety-critical cyber bodily methods. This structured lifecycle ensures that each facet of the product, from
{hardware} to software program, is rigorously vetted for cybersecurity dangers and people dangers are addressed.
Penetration testing is only one a part of a broader cybersecurity technique. Whereas penetration testing is commonly
spotlighted as a result of it’s thrilling and accessible, it’s essential to notice {that a} safe cybersecurity platform
features a complete set of practices. Many of those, whereas equally vital, are much less identified except you’re
deeply immersed within the area.
Nonetheless, penetration testing stands out as an illustrative instance of how Torc’s structured lifecycle ensures that
each facet of an autonomous car product—from {hardware} to software program—is rigorously vetted for
cybersecurity dangers.
Contained in the Penetration Testing Course of
As Michael says, no two penetration checks are the identical, however most comply with six normal steps:
- Pre-Engagement: Outline the goal, set targets, and set up boundaries.
- Reconnaissance: Collect knowledge on the system utilizing each passive and lively methods.
- Risk Simulation: Emulate the ways of real-world risk actors.
- Exploitation: Try and breach the system, figuring out weak factors.
- Evaluation: Assess findings and potential enterprise affect.
- Reporting & Suggestions: Share outcomes and collaborate on mitigation methods.
In a real-world instance of a penetration take a look at on a lidar system, Michael shared that security and safety go
hand-in-hand. Each parts should work collectively to make sure the power of a system. Throughout this explicit
lidar take a look at, Michael identified that analog assaults, whereas dangerous, aren’t essentially as impactful as system-level
exploits.
Michael’s Imaginative and prescient for Safe Autonomy
Michael’s final aim is to create expertise that’s safe, dependable, and compliant—all whereas enabling
innovation. His work ensures that Torc’s methods are prepared not only for right now’s challenges, however that the bigger
autonomous car business is able to face tomorrow.
As Michael says, a rising tide lifts all boats. At Torc, that philosophy is core to how cybersecurity is
approached—not simply as a aggressive benefit, however as a shared duty throughout the business. That’s why
Torc is pushing ahead with instruments just like the AVCDL. By making this framework seen and accessible, Torc goals to
assist everybody construct safer, safer, and extra compliant merchandise.
“I’m obsessed with growing safe, safety-critical methods that steadiness innovation with acceptable
legal responsibility and compliance,” he says. In an business the place belief is all the things, that mission is extra very important than ever.
With a long time of expertise and a ardour for securing the way forward for mobility, Michael Maass helps to
form the subsequent technology of cybersecurity in autonomous automobiles. By means of strategic management, technical
experience, and a dedication to continuous enchancment, he’s guaranteeing that Torc stays forward of the curve—
protecting methods protected, safe, and prepared for the highway forward.
