THREAT ANALYSIS AND RISK ASSESSMENT IN AUTOMOTIVE CYBERSECURITY
Learn about the TARA method in automotive cybersecurity in this summary video on an easy to understand level. Threat Analysis and Risk Assessment / TARA stands for the systematic risk assessment within the concept phase of an automotive development project. Sounds complicated? It’s not, as you will see in the video course.
Find Out About the Importance of Threat Analysis and Risk Assessment for Your Automotive Development Project
When people talk about performing the TARA method according to ISO/SAE 21434 – what exactly do they mean? In this video course, you will learn when and in what way the TARA method is carried out in an automotive development project.
It seems obvious that identifying potential threats and dealing with them systematically is of highest importance in the field of cybersecurity in the automotive industry. But how is what information used as the basis for cybersecurity-related decisions?
This is where the systematic approach according to the Threat Analysis and Risk Assessment (TARA for short) method comes into play.
In this video course, you will learn the basics of TARA: from purpose to required input to outcome.
After the Item definition in the context of the concept phase (see also the video course „Item definition according to ISO/SAE 21434„), the next step is the execution of the Threat Analysis and Risk Assessment (TARA). The two outcomes of TARA, the Cybersecurity Goals and the Cybersecurity Claims, are also explained in general terms in this video.
Are you already familiar with Hazard Analysis and Risk Assessment (HARA) from the Functional Safety domain? Learn more about the relationship between HARA and Threat Analysis and Risk Assessment in automotive cybersecurity in this course.
Note: For a better overall understanding of TARA, it is recommended that you also watch the other video courses from Chapter 05 Cybersecurity Development.
Get practical guidance along the creation of the TARA and more work products with the new ISO/SAE 21434:2021 Workbook – officially licensed by ISO
The CYRES Consulting ISO/SAE 21434 Pocket Guide and The Essential Guide to ISO/SAE 21434 are followed by the now released ISO/SAE 21434:2021 Workbook, The new publication is designed to simplify practical work with the most important automotive cybersecurity standard and is the first ISO/SAE 21434:2021 Workbook. It will include:
- all work products (and corresponding requirements, recommendations and permissions) of ISO/SAE 21434:2021 („First Edition“) – officially licensed by ISO
- Field-tested templates for key work products, such as TARA, Cybersecurity Plan, Item Definition, CIA, and more
- Expert interviews, background information, explanations with a practical perspective across the automotive value chain
The workbook is ready for ordering here and is available worldwide as a digital workbook (ebook / PDF).
Who our Threat Analysis and Risk Assessment in Automotive Cybersecurity video course is made for
Cybersecurity Risk Assessment: An Informative Overview for Project Managers
Why is the TARA such a critical challenge for automotive development projects? As a project specialist, you know that documentation, traceability and the correct approach are key success factors for an entire project. This learning video course provides you with a summary about TARA, which will be broken down in more depth in our other detailed video courses.
A better understanding of TARA for developers/engineers involved in a project
To gain a deeper understanding of how the automotive cybersecurity Threat Analysis and Risk Assessment methodology works, it is essential to get a complete overview of how TARA is involved in the Concept phase. This short summary video course is designed to help you develop a better overall understanding to improve your knowledge of the necessary work needed to perform a TARA.
Threat Analysis And Risk Assessment In Automotive Cybersecurity – Video course content
The TARA method is considered by cybersecurity managers to be the very heart of systematically addressing automotive cybersecurity threats. ISO/SAE 21434:2021 devotes an entire chapter (in Clause 15) to TARA. Regardless of the scope of your automotive development project, systematic, correct, and ongoing handling of TARA becomes essential.
As a project manager, your first step is not to need one hundred percent detailed instructions on how to carry out the entire method, but first to have a precise general understanding.
This five-part summary video course is intended to provide an initial overview of the relevant information as an introduction to working with TARA. Get generally understandable answers and explanations of what actually is the goal of TARA, when the method is performed and how, and start to develop a first understanding of how the implementation works.
It is not only in cybersecurity, or cybersecure engineering, that there is an analysis of threats and risks. In Functional Security, the so-called HARA, the Hazard Analysis and Risk Assessment method, is the method for systematically addressing threats and risks.
Therefore, we also explain in the video course the distinction to the field of Functional Safety (according to ISO 26262).
For more information on the similarities and distinctions between Functional Safety and Cybersecurity, please read our blog article: Functional Safety vs. Cybersecurity
Note: The total length of this video course is 7-9 minutes. Get the best learning experience by watching video courses combined, discover our video bundles for that as well.
This short introductory first video of the five-part video course reveals what you will learn in this video course. Learn about the aspects of Threat Analysis and Risk Assessment that you are about to be introduced to and why it is important to know about them.
II. TARA in cybersecurity development
In this part of the course you will learn what exactly is meant by Threat Analysis and Risk Assessment in Cybersecurity Development according to ISO/SAE 21434:2021. You will learn when it is performed after the Item definition and what outcomes are intended to be achieved.
III. TARA outcomes definition and differences
In this part, we look at the two most important outcomes from TARA, Cybersecurity Goals and Cybersecurity Claims, and define both with examples.
What about the connection to Functional Safety? In this part of the learning course, we compare Hazard Analysis and Risk Assessment (HARA) from the Functional Safety domain to TARA from the Automotive Cybersecurity domain. Learn more about differences and similarities here.
V. Sum Up
Finally, here we will sum up what you have learned about Threat Analysis and Risk Assessment in Automotive Cybersecurity.