Published on: May 21, 2025 Updated 2 times since publishing
Paolo Doz has been working at the intersection of software and hardware since 2008, building a career on low-level development, open-source innovation, and automotive-grade engineering. As one of the co-founders of Abinsula, he helped turn a shared vision into a leading embedded systems company that bridges high-quality software development with real-world applications across the automotive, IoT, and smart mobility sectors. In this SafetyDetectives interview, Paolo discusses Abinsula’s approach to embedded cybersecurity, the challenges of securing connected vehicles, and how regulatory shifts like the EU Cyber Resilience Act are shaping the future of secure product design.
Hi Paolo, can you tell us about your background and what inspired you to co-found Abinsula?
My name is Paolo, I’m from Italy, and I’ve been working in the embedded systems field since 2008—the year my professional journey began, right after earning a degree in Computer Engineering from the Politecnico di Torino. Since my university years, and especially through my thesis work, I developed a strong passion for low-level development—an exciting domain where software meets hardware, often through debugging sessions, oscilloscopes, and protocol analyzers.
My first role was at a company specializing in embedded systems for the automotive sector—a highly challenging environment that allowed me to grow quickly and refine cutting-edge technical skills. During that time, I had the opportunity to contribute to the development of the first infotainment system based on open source technologies—an experience that profoundly shaped my view of innovation.
That project revealed the extraordinary potential of open source in embedded systems—not only from a technological perspective but also for its ability to foster communities and accelerate development. From that realization, and together with four like-minded colleagues, the idea of founding Abinsula was born—an organization that still carries forward our mission: to combine technical excellence, open source culture, and advanced solutions in the embedded world.
What are Abinsula’s flagship services today, and how do they support your clients across industries like automotive, IoT, and mobility?
Today, Abinsula positions itself as a trusted technology partner, offering a comprehensive range of services tailored to the specific needs of its clients. From consultancy to full-scale development, the company handles end-to-end projects, starting from system requirements and architecture, through to software development and, in many cases, even hardware design. From the SW perspective we offer development from device driver, operating system customization, middleware, HMI up to web and mobile application.
In the IoT sector, for example, clients often struggle to find off-the-shelf solutions that fully meet their requirements. That’s where Abinsula steps in, designing and delivering custom devices crafted from the ground up.
There are also cases where the company is brought in to contribute to specific development phases, adding value through its technical expertise. Regardless of the sector, the approach remains the same: flexibility, precision, and a deep commitment to quality.
We often say that agriculture is like a car with big wheels, and IoT is like a car with no wheels at all. A metaphor that reflects Abinsula’s philosophy: applying the rigor and high-quality standards of automotive development to other domains, including IoT and agritech, where such practices are often lacking.
Automotive cybersecurity is a rapidly evolving space. What are the most urgent security risks in connected vehicles, and how does Abinsula address them?
The introduction of connectivity in modern vehicles has transformed the industry but also dramatically increased its vulnerability. Technologies like Bluetooth, Wi-Fi hotspots, keyless entry systems, and remote connections through telematics modems have made vehicles attractive targets for cyber attackers.
This shift requires a twofold strategy.
For existing or soon-to-be-released systems, the first step is a thorough review of architecture and current implementations to identify gaps against industry best practices. Once vulnerabilities are found, the necessary fixes must be applied, followed by the release of an updated software image that significantly improves device resilience.
For new products, the approach must be proactive: cybersecurity requirements need to be defined from day one. This ensures the system is robust by design, capable of withstanding common attacks and adapting over time.
In an era where software is the brain of the vehicle, cybersecurity is no longer optional—it’s essential to ensure reliability, safety, and trust.
You’ve been involved in projects ranging from smart mobility to embedded Linux. How do you ensure cybersecurity is baked into your products from the start?
In developing new products, Abinsula leverages the expertise of Abissi, a company within the group that focuses exclusively on cybersecurity. Through this partnership, each system is tailored with clearly defined security requirements, aligned with the use case and industry in which it will operate.
Attention to cybersecurity is more crucial than ever, particularly in light of recent regulations. A key example is the European Union’s Cyber Resilience Act, which has raised awareness across the digital landscape and introduced standardized rules to significantly enhance the security of connected devices.
Thanks to its involvement in dozens of complex projects, the Abinsula team has developed an in-depth understanding of common threats and the most effective countermeasures. This expertise allows the company to offer highly secure, regulation-compliant solutions, providing clients with a strong competitive edge.
In today’s environment, where connected systems are the norm, building security into the design isn’t just best practice, it’s a strategic imperative.
Abinsula recently integrated KOAN to strengthen its open-source and embedded software capabilities. How does that move support your security goals and product roadmap?
With its longstanding experience in the embedded world, KOAN plays a key role in strengthening Abinsula’s training and service portfolio. The collaboration helps expand the group’s ecosystem, providing high-level technical expertise.
KOAN has long been a recognized ambassador of the Yocto Project, and a leading provider of specialized embedded Linux training. This synergy adds a new layer of value to Abinsula’s offering, opening the door to a wider audience seeking not only solutions but also technical education.
Looking ahead, the group is preparing to launch a new series of courses focused on cybersecurity, designed to support companies navigating the rapidly shifting regulatory and technological landscape.
As technology continues to converge across industries, where do you see the biggest opportunities—and risks—for embedded cybersecurity over the next 5 years?
The growing technological convergence across industries is driving down the average cost of development. For a company like Abinsula, deeply rooted in open source technologies, this trend aligns perfectly with its ability to reuse software components and offer clients cost-effective, high-quality solutions.
Additionally, the rise of harmonized international regulations allows for the consistent application of “golden rules” across different sectors, streamlining compliance efforts and reinforcing device security at every level.
However, with progress comes complexity: systems are becoming more sophisticated, attack surfaces are expanding, and new threats emerge constantly. It’s a challenge that Abinsula embraces with confidence, combining deep technical expertise, strategic vision, and a proactive security mindset.
Because in today’s embedded world, success doesn’t just mean building the system, it means defending it.