Security Review
FieldSpace is designed for security-conscious evaluation: scoped data access, replayable audit trails, signed artifacts, and partner review before any production integration.
Security at Every Layer
Our security posture focuses on the parts that matter first in an evaluation: data handling, access control, artifact integrity, and clear deployment boundaries.
System Security
FieldSpace evaluation environments are designed around isolation, least-privilege access, signed artifacts, and clear separation between replay tooling and customer systems.
- • Signed release artifacts
- • Isolated replay environments
- • Least-privilege service access
- • Explicit deployment boundaries
Data Protection
Evaluation data handling is scoped to the agreed engagement, with encryption in transit and at rest where customer data is stored.
- • AES-256 encryption at rest
- • TLS 1.3 for data in transit
- • Data minimization for log studies
- • Customer retention terms by agreement
Standards Readiness
We map partner reviews to automotive safety, scenario-validation, cybersecurity, and information-security frameworks. Final certification claims depend on the deployed scope, assessor, and customer environment.
- • ISO 26262 and SOTIF readiness path
- • ISO 3450x scenario alignment
- • ISO/SAE 21434 alignment target
- • SOC 2 readiness path
- • Third-party review available by scope
Technical Security Architecture
The current security model is designed for benchmark review, log replay, and controlled pilot integrations.
Evaluation Security
Secure Evaluation Boundary
- • Segregated replay workspace
- • Scoped customer data access
- • Explicit retention and deletion terms
- • No actuator authority in log studies
- • Partner-controlled data handoff
Software Security
- • Secure boot process with verified signatures
- • Dependency and vulnerability review
- • Reproducible benchmark artifacts
- • Code integrity verification where deployed
- • Change tracking for releases
Network Security
- • Segmented network architecture
- • Encrypted transfer for customer logs
- • Access logs for shared environments
- • Certificate-based authentication where integrated
- • Network rules agreed per pilot
Data and Access Security
Infrastructure Security
- • Containerized replay tooling
- • Automated dependency checks where configured
- • Infrastructure changes tracked in source control
- • Principle-of-least-privilege access
- • Production deployment architecture reviewed per customer
Data Security
- • Encryption in transit and at rest where hosted data is stored
- • Customer-managed encryption options by engagement
- • Data anonymization and pseudonymization by engagement scope
- • Data deletion terms defined by agreement
- • Data handling terms defined before transfer
Access Control
- • Multi-factor authentication where hosted access is provided
- • Role-based access control for shared environments
- • Privileged access review by engagement scope
- • Single sign-on options for enterprise pilots
- • Access review cadence defined by agreement
Standards Readiness Frameworks
We map FieldSpace evaluations to the frameworks partners commonly use. These are alignment and readiness paths, not current certification claims.
Automotive Safety Alignment
- ISO 26262
Functional safety readiness - ISO 21448 / SOTIF
Triggering-condition evidence - ISO 3450x
Scenario-based validation taxonomy
Cybersecurity Readiness
- ISO/SAE 21434
Automotive cybersecurity engineering - ISO 24089
Software update engineering - UNECE R155 / R156
OEM-owned cybersecurity and update approval support
Evidence and Data Readiness
- UL 4600 / ISO 5083
Safety-case and ADS V&V structure - SOC 2 / ISO 27001
Hosted replay and service-control readiness - TISAX
Automotive supplier security mapping
Review and Readiness Activities
Scoped Assessments
Security readiness reviews scoped to the engagement
Penetration Testing
Third-party testing available when required by the pilot
Policy Updates
Framework mapping and policy updates as scope matures
Training Programs
Security procedures documented for customer review
Security Operations Model
FieldSpace security operations are scaled to the engagement: local benchmark work, hosted evaluation, or partner-managed deployment.
Threat Detection & Response
Scoped Monitoring
Monitoring plans are defined by evaluation scope, data sensitivity, and deployment environment.
Incident Response
Incident handling procedures and escalation contacts are documented for customer engagements.
Expert Analysis
Dedicated security analysts with expertise in automotive cybersecurity and threat intelligence.
Customer Communication
Immediate notification and transparent communication during any security incidents or events.
Security Review Signals
Security Contact
StarDrive, Inc.
1400 Mission St.
San Francisco, CA 94103
Security Inquiries: Request Demo for Security Information
Security and Standards Readiness
FieldSpace is being organized for partner security and standards review against international frameworks and automotive requirements. Final compliance status is scope-specific.
International Security Standards
ISO 27001 Readiness Target
Information security management framework used as a readiness target for handling sensitive information.
- Risk assessment and treatment
- Security controls implementation
- Continuous improvement as engagement scope matures
SOC 2 Readiness
Service control framework used to structure future hosted evaluation controls.
- Control mapping for hosted services
- Evidence collection where required
- Third-party review where included in customer scope
NIST Cybersecurity Framework Readiness Mapping
Cybersecurity risk-management framework used as a mapping reference for scoped reviews.
- Identify, Protect, Detect, Respond, Recover
- Risk-based security controls
- Monitoring and assessment planning by engagement scope
Automotive Safety and Cybersecurity Readiness
ISO 26262 (Functional Safety)
Functional safety readiness for a scoped observer or validation-support tool-use case.
- Supplier safety plan and assumptions
- Requirements traceability and verification evidence
- Tool-confidence or SEooC applicability review
ISO 21448 / SOTIF and ISO 3450x
Scenario and triggering-condition structure for safety-relevant validation review.
- ODD and scenario taxonomy
- False-positive and false-negative analysis
- Replayable evidence for selected edge cases
ISO/SAE 21434 and TISAX Readiness Mapping
Cybersecurity and supplier-security mapping for automotive engagements.
- Threat analysis and risk assessment outline
- SBOM, vulnerability handling, and release integrity
- Supply-chain security review planning
Security Best Practices for Customers
Follow these recommendations for any FieldSpace evaluation or pilot deployment.
Access Management
- • Enable multi-factor authentication
- • Use strong, unique passwords
- • Regularly review user permissions
- • Implement least-privilege access
Device Security
- • Keep firmware up to date
- • Enable automatic security updates
- • Monitor for unauthorized changes
- • Secure physical access to devices
Network Security
- • Use dedicated network segments
- • Implement network monitoring
- • Configure firewall rules properly
- • Use VPN for remote access
Monitoring & Logging
- • Enable comprehensive logging
- • Monitor system performance
- • Set up security alerts
- • Regular security assessments
Staff Training
- • Security awareness training
- • Phishing simulation exercises
- • Incident response procedures
- • Regular training updates
Standards Readiness
- • Follow industry standards
- • Maintain audit trails
- • Document security procedures
- • Regular readiness reviews
Review the security model before the pilot
We will walk through data handling, access boundaries, artifact signing, and security review scope before any customer log study or integration.