Delivering Threat Analysis and Risk Assessment Based on ISO 21434: Practical and Tooling Considerations

2021 ◽  
Vol 3 (2) ◽  
Author(s):  
Kamil Svancara ◽  
Martin J. Thompson
Keyword(s):  
Risk Assessment ◽  
Threat Analysis

Threat Analysis and Risk Assessment of Autonomous Driving Systems

2019 ◽  
pp. 71-82
Author(s):  
O. Ur-Rehman ◽  
G. Wallraf ◽  
G. Keßler ◽  
M. Jentges
Keyword(s):  
Risk Assessment ◽  
Autonomous Driving ◽  
Threat Analysis

Study on the Security of Government Portal Websites

2013 ◽  
Vol 380-384 ◽  
pp. 2534-2538
Author(s):  
Zhao Zhang ◽  
Fang Yong
Keyword(s):  
Risk Assessment ◽  
Assessment Model ◽  
Risk Assessment Model ◽  
Security Risk ◽  
Threat Analysis ◽  
The Government ◽  
Security Risk Assessment ◽  
Government Portal ◽  
Portal Website ◽  
Administrative Strategies

On the basis of threat analysis, the paper proposes a security risk assessment model for government portal website. Using the model, the paper systematically analyzes the security risk of government portal websites and then explains the reason of them. To enhance the security of government portal websites, both technical and administrative strategies were proposed. Those security strategies help improve the image of the government and it plays an important role in constructing service government.

scholarly journals Cybersecurity Threat Analysis, Risk Assessment and Design Patterns for Automotive Networked Embedded Systems: A Case Study

2021 ◽  
Vol 27 (8) ◽  
pp. 830-849
Author(s):  
Jürgen Dobaj ◽  
Damjan Ekert ◽  
Jakub Stolfa ◽  
Svatopluk Stolfa ◽  
Georg Macher ◽  
...  
Keyword(s):  
Risk Assessment ◽  
Embedded Systems ◽  
Design Patterns ◽  
Automotive Sector ◽  
Secure Systems ◽  
Threat Analysis ◽  
Networked Embedded Systems ◽  
Current Stage

Cybersecurity has become a crucial challenge in the automotive sector. At the current stage, the framework described by the ISO/SAE 21434 is insufficient to derive concrete methods for the design of secure automotive networked embedded systems on the supplier level. This article describes a case study with actionable steps for designing secure systems and systematically eliciting traceable cybersecurity requirements to address this gap. The case study is aligned with the ISO/SAE 21434 standard and can provide the basis for integrating cybersecurity engineering into company-specific processes and practice specifications.

scholarly journals Threat Analysis and Risk Assessment for Connected Vehicles: A Survey

2021 ◽  
Vol 2021 ◽  
pp. 1-19
Author(s):  
Feng Luo ◽  
Yifan Jiang ◽  
Zhaojing Zhang ◽  
Yi Ren ◽  
Shuo Hou
Keyword(s):  
Risk Assessment ◽  
Defense Mechanisms ◽  
Early Stage ◽  
Rapid Development ◽  
Connected Vehicles ◽  
Potential Threat ◽  
Driving Experience ◽  
Threat Analysis ◽  
Vehicle Systems

With the rapid development of connected vehicles, people can get a better driving experience. However, the interconnection with the external network may bring growing accidents caused by cybersecurity vulnerabilities. As a result, automakers are paying more attention to cybersecurity and spending more cost on developing cybersecurity defense mechanisms. Threat analysis and risk assessment (TARA) is an efficient method to ensure the defense effect and greatly save costs in the early stage of vehicle development. It analyzes the threat of vehicle systems and determines the hierarchical defense and corresponding mitigations according to the potential threat to the system. This paper gives an overview of threat analysis and risk assessment in the automotive field. First, a novel classification of different TARA methods has been proposed. The existing methods have been analyzed and compared. Then, we have found some commonly used tools applied to TARA and compared their performance. After that, a concept named attack-defense mapping is proposed to figure out how to map the already found threats and vulnerabilities of the system to the appropriate mitigations. At last, the future development directions of TARA in the automotive domain have been discussed.

TARA+: Controllability-aware Threat Analysis and Risk Assessment for L3 Automated Driving Systems

2019 ◽  
Author(s):  
Anastasia Bolovinou ◽  
Ugur-Ilker Atmaca ◽  
Al Tariq Sheik ◽  
Obaid Ur-Rehman ◽  
Gerhard Wallraf ◽  
...  
Keyword(s):  
Risk Assessment ◽  
Automated Driving ◽  
Threat Analysis

RooT37 – CUTA’s TRA Tool in Response to a Changing Threat Landscape

2021 ◽  
Author(s):  
Astrid Boelaert ◽  
Ben Thys ◽  
Matthias Van Hoey
Keyword(s):  
Risk Assessment ◽  
Assessment Tool ◽  
Action Plan ◽  
Risk Assessment Tool ◽  
Risk Indicators ◽  
Coordination Unit ◽  
Threat Analysis ◽  
Threat Level ◽  
Professional Judgments ◽  
Information Gaps

In this chapter the authors discuss the establishment of the Belgian ‘Coordination Unit for Threat Analysis’ (CUTA), its remits and fields of competence and how its scope was widened in the last few years because of changes in the threat landscape of problematic radicalization, extremism and terrorism and the changing tactics of the Belgian government to tackle them. In the second part of this chapter the authors elaborate on ‘RooT37’, a risk assessment tool that was tailor-made by CUTA to address its newly assigned tasks in the framework of the revised Belgian Action Plan on Radicalism. The tool takes several risk indicators into account to aid CUTA’s experts in making structured professional judgments about threats and risks posed by monitored individuals, and semi-automatically produces a threat level. Furthermore, it provides CUTA’s support agencies with clues for further investigation based on discovered information gaps through the assessment. Finally, it also points out opportunities for coordinated intervention by partner services to reduce the risk posed by monitored individuals. Certain characteristics of the methodology of the tool are described in more detail, as well as its advantages and some challenges for the future.

Sign in / Sign up

Export Citation Format

Share Document