At Torc, safeguarding safety-critical programs from evolving cybersecurity threats isn’t only a precedence—it’s a core
mission.
On the helm of this mission is Michael Maass, the Director of Product Cybersecurity and Principal Product
Cybersecurity Architect, whose profession displays a deep dedication to constructing safe applied sciences, sturdy groups,
and forward-thinking technique.
A Profession Rooted in Cybersecurity Excellence
Michael brings over 20 years of cybersecurity expertise to the desk—17 of these spent particularly on
securing corporations, merchandise, and safety-critical programs. His background bridges the technical and strategic:
from writing low-level software program in x86 meeting, C/C++, and Java, to main cross-functional safety groups
and creating methods to construct safety into merchandise.
All through his profession, Michael has helped corporations undertake cutting-edge practices that meet each technical and
compliance necessities. His ardour lies in some of the advanced and necessary areas of contemporary
know-how: creating safe, safety-critical cyber-physical programs that may stand as much as real-world threats
and regulatory scrutiny.
Constructing Safe Groups and Tradition
Michael’s management extends past know-how. He’s spent years constructing and nurturing top-tier cybersecurity
groups within the automotive house, guaranteeing they not solely have deep technical expertise but in addition perceive the
broader affect of their work. His capacity to speak with executives, regulators, and exterior stakeholders
makes him a uncommon bridge between engineering and compliance—a necessity in at the moment’s high-stakes
cybersecurity atmosphere.
Main Cybersecurity at Torc Robotics
At Torc, Michael wears two hats: he acts as each Principal Product Cybersecurity Architect and the Director of
Product Cybersecurity. In these roles, he leads efforts to embed cybersecurity into each stage of product
improvement for autonomous autos—programs that should function safely and securely within the unpredictable actual
world.
His management ensures that cybersecurity is an integral a part of a product’s full lifecycle, starting from inception
to product retirement.
Penetration Testing: Crimson Teaming for the Proper Causes
One of many key instruments in Michael’s cybersecurity arsenal is penetration testing—a method that simulates real-
world assaults with a view to discover and repair vulnerabilities earlier than dangerous actors can discover and exploit them.
“Penetration testing is actually the place somebody with hacking expertise applies these expertise to a specific goal,
with the aim of effectively discovering vulnerabilities and figuring out hardening alternatives,” Michael explains.
Penetration testing is a course of throughout the A Versatile Cybersecurity Growth Lifecycle (AVCDL), an open
supply doc set crafted by Charles Wilson, Cybersecurity Architect at Torc, Michael, and cybersecurity
engineers at Torc and different corporations, to be used by the autonomous automobile business and another creating
safety-critical cyber bodily programs. This structured lifecycle ensures that each facet of the product, from
{hardware} to software program, is rigorously vetted for cybersecurity dangers and people dangers are addressed.
Penetration testing is only one a part of a broader cybersecurity technique. Whereas penetration testing is usually
spotlighted as a result of it’s thrilling and accessible, it’s necessary to notice {that a} safe cybersecurity platform
features a complete set of practices. Many of those, whereas equally essential, are much less identified except you’re
deeply immersed within the area.
Nonetheless, penetration testing stands out as an illustrative instance of how Torc’s structured lifecycle ensures that
each facet of an autonomous automobile product—from {hardware} to software program—is rigorously vetted for
cybersecurity dangers.
Contained in the Penetration Testing Course of
As Michael says, no two penetration exams are the identical, however most comply with six common steps:
- Pre-Engagement: Outline the goal, set aims, and set up boundaries.
- Reconnaissance: Collect information on the system utilizing each passive and energetic strategies.
- Risk Simulation: Emulate the ways of real-world menace actors.
- Exploitation: Try and breach the system, figuring out weak factors.
- Evaluation: Assess findings and potential enterprise affect.
- Reporting & Suggestions: Share outcomes and collaborate on mitigation methods.
In a real-world instance of a penetration check on a lidar system, Michael shared that security and safety go
hand-in-hand. Each parts should work collectively to make sure the energy of a system. Throughout this specific
lidar check, Michael identified that analog assaults, whereas dangerous, aren’t essentially as impactful as system-level
exploits.
Michael’s Imaginative and prescient for Safe Autonomy
Michael’s final aim is to create know-how that’s safe, dependable, and compliant—all whereas enabling
innovation. His work ensures that Torc’s programs are prepared not only for at the moment’s challenges, however that the bigger
autonomous automobile business is able to face tomorrow.
As Michael says, a rising tide lifts all boats. At Torc, that philosophy is core to how cybersecurity is
approached—not simply as a aggressive benefit, however as a shared duty throughout the business. That’s why
Torc is pushing ahead with instruments just like the AVCDL. By making this framework seen and accessible, Torc goals to
assist everybody construct safer, safer, and extra compliant merchandise.
“I’m captivated with creating safe, safety-critical programs that stability innovation with acceptable
legal responsibility and compliance,” he says. In an business the place belief is all the pieces, that mission is extra very important than ever.
With many years of expertise and a ardour for securing the way forward for mobility, Michael Maass helps to
form the subsequent technology of cybersecurity in autonomous autos. By means of strategic management, technical
experience, and a dedication to continuous enchancment, he’s guaranteeing that Torc stays forward of the curve—
protecting programs protected, safe, and prepared for the street forward.