Los puntos clave no están disponibles para este artículo en este momento.
In recent years, the development of cybersecurity standards for cyber-physical systems, such as automotive systems, has seen significant progress. One key development is ISO/SAE 21434, released in 2021, which provides a framework for managing and analyzing cybersecurity in the electrical systems of road vehicles. This standard also introduces methods for the Threat Analysis and Risk Assessment (TARA) process. However, current security analysis techniques face two notable challenges: first, the conventional CVSS-based approach is inadequate for assessing attack feasibility in cyber-physical systems. Second, the relationship between damage factors and their impact on assets remains unclear. This paper addresses these issues by enhancing the TARA process through the use of the "asset container" method for threat classification, as proposed at DECSoS 2017, alongside a CWSS-based risk quantification approach. Furthermore, the paper suggests improvements to risk evaluation methods specifically tailored for automotive systems, focusing on direct access attacks on in-vehicle networks.
A et al. (Fri,) studied this question.
Synapse has enriched 5 closely related papers on similar clinical questions. Consider them for comparative context: