Automotive Cybersecurity FAQ

FAQ for VSOC, Butterfly AI, TARA, threat intelligence, and automotive cybersecurity compliance.

A VSOC, or Vehicle Security Operations Center, is a security operations platform for connected vehicles. It continuously monitors vehicles, cloud services, and mobile applications for cyber threats, helping automakers analyze alerts, respond to incidents, and operate in line with cybersecurity requirements.
Butterfly AI is Callisto’s domain AI capability for automotive cybersecurity. It supports VSOC operations, threat intelligence, TARA analysis, compliance assessment, and security report generation through specialized security agents, helping security teams improve analysis efficiency and reduce repetitive operational work.
Automotive security involves specialized protocols and assets such as CAN, AUTOSAR, Some/IP, OTA, TBOX, and IVI. General AI models often lack the context needed to interpret vehicle anomalies, attack paths, and compliance requirements. A domain model can combine vehicle protocols, threat intelligence, and knowledge graphs for more reliable security analysis.
TARA, or Threat Analysis and Risk Assessment, identifies vehicle assets, attack paths, impact, and risk levels. It is an important method for meeting ISO/SAE 21434 and UN R155 requirements. Callisto’s TARA agent helps generate analysis reports and supports continuous updates.
Callisto solutions are built for automakers, fleet operators, autonomous driving companies, Tier 1 suppliers, and intelligent device companies. They cover vehicle security operations, data security compliance, intelligent driving security, charging station security, and vehicle-road-cloud security.
Automotive threat intelligence continuously tracks vehicle vulnerabilities, attack incidents, supply chain risks, and industry attack techniques. It helps automakers identify high-risk assets early, improve detection rules, and turn intelligence into actionable recommendations for VSOC, TARA, and vulnerability management workflows.
Charging stations connect vehicles, users, operating platforms, and payment systems. They involve charging control, operational data, user privacy, and critical infrastructure stability. Charging station security must cover device vulnerabilities, communication protocols, cloud platforms, data compliance, and closed-loop security operations.
Vehicle-road-cloud integration involves vehicles, roadside units, cloud platforms, V2X communication, and traffic data collaboration. Key risks include exposed interfaces, compromised roadside devices, centralized cloud data, abnormal vehicle control paths, and cross-system attack propagation, requiring unified monitoring and response.
Automotive data security compliance usually includes data asset inventory, classification, sensitive data discovery, data flow analysis, access control, masking and encryption, log auditing, and cross-border data risk assessment. For intelligent vehicles, it should continuously cover vehicle, cloud, mobile, and supply chain data scenarios.
Intelligent driving security covers not only in-vehicle networks and controllers, but also sensors, domain controllers, AI models, data links, and cloud collaboration. Attackers may affect driving decisions through perception interference, data injection, interface vulnerabilities, or OTA paths, so edge-cloud detection, analysis, and response are needed.

Contact us about our automotive cybersecurity services

With the transformation of automobiles into intelligent ones, automobile cybersecurity challenges are becoming increasingly prominent, and automobile companies urgently need to upgrade their cybersecurity protection systems.
Callisto (Beijing) Technology Co., Ltd. is a national high-tech enterprise founded by one of the world's first technical experts focusing on automotive network security, invested by world-renowned institutions, and possessing a number of independent intellectual property rights.
Chinese vehicle cybersecurity standard:
General Technical Requirements for Automobile Information Security
Comply with" Guidelines for the Construction of Internet of Vehicles Network Security and Data Security Standard System",meet GB/T 40861-2021 "General Technical Requirements for Automobile Information Security", establish and provide automobile network security services. Any data we process for our customers and any risks we discover are the private assets of our customers and cannot be accessed without authorization.
©2022 Callisto (Beijing) Technology Co., Ltd.ICP No. 2022011284-1
Vehicle cybersecurity certification:
ISO/SAE 21434 and UN R155UN R156

Contact us for ISO and WP.29 certification services to meet EU regulations.

Tel: 4001059410

Address: 201, Building 2A, Silicon Valley Liangcheng, Haidian District, Beijing