Threat Analysis and Risk Assessment | ISO/SAE 21434 and WP.29 CSMS

TEAM UPSTREAM

For WP.29, as part of the CSMS requirement, it’s required to apply TARA throughout the vehicle lifecycle. When you build a vehicle, you need to apply TARA on the critical vehicle components and as a result of this TARA, you need to apply mitigation inside the vehicle.

But, you also need to emit logs, that will later be used in the post-production detection system, and, you also need to secure the supply chain.

In post-production, you need to leverage these logs and additional logs, to apply post-production detection.

And, over the entire lifecycle of the vehicle, you need to have a process to assess risk, categorize risk, and apply risk treatment decisions, as part of your TARA process.

WP.29 also provides a specific list of threats in Annex Five of the regulation, that actually outlines a comprehensive list of attacks that cover many of the interfaces of the vehicle.

This list of attacks is used as a baseline for securing the vehicle, both in development and in post-production.

 

Newsletter Icon

Subscribe
to our newsletter

Stay up-to-date on the latest trends, emerging risks, and updates

Driving Cybersecurity – CISO Conversations: Insights from Automotive and Mobility Leaders

Explore the future of automotive cybersecurity in this exclusive panel discussion. Industry leaders from Upstream, Google Cloud, Deloitte, Auto ISAC, BorgWarner, CNH Industrial, and General…

More Details

Transforming Automotive Quality, Warranty, and Recall Strategies: AI Meets Connected Vehicle Data

The automotive industry is undergoing a profound transformation, with software-defined vehicles (SDVs) at the forefront of this revolution. Vehicles now generate unparalleled volumes of data,…

More Details

Paving the Roadmap from vSOC 3.0 to 4.0: Navigating Cybersecurity’s Next Frontier

Discover their insights on securing the future of connected and autonomous vehicles, safeguarding IP amid regulatory complexities, and the critical role of AI in the…

More Details

Mobility Cyber Threat Intelligence

Gain unparalleled visibility into the mobility threat landscape with actionable asset-specific intelligence findings and mitigation recommendations.

More Details

Upstream for IoT Cybersecurity Solution Overview

Monitor and secure connected devices in the Automotive and Smart Mobility Ecosystem with a multi-layered, ML-based detection and response (XDR) solution, augmented by robust GenAI-powered…

More Details

Watch: Cybersecurity in motion: Safeguarding mobility critical infrastructure

The evolution of connected mobility, electrification, and data-driven services has transformed them into critical infrastructure, reshaping the risk landscape of smart mobility. This shift demands&hel

More Details
Skip to content