Common pitfalls when preparing a TARA
Before discussing the details of the practical TARA methods in this chapter, let’s take a moment to give an honorable mention to the telltale signs that the TARA being prepared will have bad outcomes. By understanding the common pitfalls, we will gain some perspective as to why a better approach is needed.
As we introduced earlier, the lack of agreement on the attacker and threat model is a guaranteed source of heartburn throughout the TARA process. If you are the reviewer of a TARA where the authors cannot articulate which attackers and threat types they are aiming to defend against, then this should raise a red flag. Along the same lines, a lack of correct assumptions about the operational environment is a sign of a likely incomplete analysis or an over-engineered system. In many cases, you do not have the full details about your target system. You may be developing an ECU, a software application, a microcontroller, or even just a library...
