The automotive vehicle cybersecurity threat landscape is rapidly evolving, with new and sophisticated attack vectors emerging all the time. As a result, it is imperative for companies to keep up to date with the latest cybersecurity regulations and best practices. TARA (Threat Analysis and Risk Assessment) is a mandatory method under ISO/SAE 21434 for vehicle security, as it helps identify potential threats in the vehicle`s internal network, interfaces with the outside world and ecosystems, such as inter-vehicle or charging station communications. TARA enables manufacturers to identify realistic threats and take proactive measures to mitigate them. At AVL, we have further developed TARA in a tool approach that enables a high degree of automation. Based on the cybersecurity-relevant EE architecture model and a comprehensive database of threats and rules, TARA could be fully automated and up to attack tree analysis. Attack tree analysis is a critical component of TARA as it provides a comprehensive and structured approach to identifying potential attacks and vulnerabilities in the system. Overall, attack tree analysis is a critical input to testing because it provides a comprehensive and structured approach to identifying potential attack scenarios and vulnerabilities. By leveraging this information, cybersecurity testers can design effective test cases for functional testing and exploits for real-world attack scenarios to validate the effectiveness of security measures.
Session:
Cyber Security
|
| 14:00 - 14:30