A Practical Threat Modeling Approach for Automotive Systems
Threat modeling is at the core of any secure engineering process. It drives the understanding and prioritization of threats against the system and the derivation of the cybersecurity goals, security controls, and security requirements necessary to treat those threats. Before performing a threat analysis and risk assessment (TARA), teams are essentially blind to most risks that their system is exposed to. They also have no clear vision of which risks are the most urgent to treat. Even when a rudimentary security analysis has taken place through brainstorming or consulting a security expert, there is no guarantee that risks have been analyzed comprehensively. The TARA solves this problem by providing engineering teams with a systematic, risk-management-based approach to exposing and prioritizing threats. Due to the safety and operational aspects of automotive systems, simply borrowing threat modeling methods from IT is not...