Threat Analysis and Risk Assessment (TARA) is one of the cornerstones for complying with the UN-R155 automotive cybersecurity regulation. In fact, the UN-R155 requires OEMs to perform risks assessments and demonstrate the appropriate management of risks throughout vehicle's lifecycle. To meet these regulatory requirements, automotive stakeholders rely on the recently published ISO/SAE 21434 standard which addresses several cybersecurity aspects including TARA methods. More specifically, the UN-R155 provides a list of threats to be considered in TARAs. These threats are not always relevant when analyzing a given feature as it depends on the attacker's motivation. If we consider the threat related to physical attacks for example, a vehicle user would bemore interested in tuning his vehicle than triggering safety related feared events; whereas a thief would be rather interested in inviolability relatedfeatures, and he has very limited interest in infotainment features. In this paper, based on our experience with the ISO/SAE 21434 standard and more specifically ISO/SAE 21434-based TARAs, we describe how to achieve pragmatic and efficient risks assessments. First, we recall some limitations of ISO/SAE 21434-based risks assessment and propose improvements related to attack feasibility rating. Then, relying on the Threat, Vulnerability and Risk Assessment (TVRA) methodology, we show how relevant automotive threat agents' capability and motivation levels can be taken into account to focus on relevant attack paths and determine risk values that better re ect the probability of real attacks, thus facilitating risk treatment decisions.
Barki et al. (Wed,) studied this question.
Synapse has enriched 5 closely related papers on similar clinical questions. Consider them for comparative context: