The concept phase
You are in the concept phase if you are developing a new vehicle function in an item or a single component out of context and need to determine the cybersecurity goals and requirements that must be fulfilled by your item or component. As shown in Figure 5.3, you are on the top left-hand side of the V-development cycle and your objective is to identify and treat the risks related to your system:
Figure 5.3 – V diagram with a security overlay
To achieve this objective, you must rely on the TARA methods shown in Figure 5.1. In practice, this process is initiated whenever a new security-relevant feature is introduced into the system to ensure that any new cybersecurity risk is understood and the overall cybersecurity concept is adapted to handle this new risk. This is known as the secure by design approach and it promises to reduce the likelihood of expensive rework when issues are discovered late in the product life cycle.
Before...
