Threat Analysis and Risk Assessment | ISO/SAE 21434 and WP.29 CSMS

TEAM UPSTREAM

For WP.29, as part of the CSMS requirement, it’s required to apply TARA throughout the vehicle lifecycle. When you build a vehicle, you need to apply TARA on the critical vehicle components and as a result of this TARA, you need to apply mitigation inside the vehicle.

But, you also need to emit logs, that will later be used in the post-production detection system, and, you also need to secure the supply chain.

In post-production, you need to leverage these logs and additional logs, to apply post-production detection.

And, over the entire lifecycle of the vehicle, you need to have a process to assess risk, categorize risk, and apply risk treatment decisions, as part of your TARA process.

WP.29 also provides a specific list of threats in Annex Five of the regulation, that actually outlines a comprehensive list of attacks that cover many of the interfaces of the vehicle.

This list of attacks is used as a baseline for securing the vehicle, both in development and in post-production.

 

Newsletter Icon

Subscribe
to our newsletter

Stay up-to-date on the latest trends, emerging risks, and updates

Automotive Cybersecurity – A New Scope of Threats and Solutions

Upstream Security joined a 2025 SAFE Summit panel with executives from CNH Industrial, and Maniv Mobility discussing the critical cyber threats impacting the automotive and…

More Details

Contextual Cybersecurity: Digital Twins Power AI-Driven Threat Detection Across the Connected Vehicle Ecosystem

The automotive industry is undergoing a profound transformation, with software-defined vehicles (SDVs) at the forefront of this revolution. Vehicles now generate unparalleled volumes of data,…

More Details

Upstream’s 2025 Global Automotive Cybersecurity Report Executive Summary

The Automotive and Smart Mobility ecosystem experienced a sharp increase in cyber threats throughout 2024, with large- scale ransomware attacks causing unprecedented disruption. As cyber…

More Details

2025 Predictions: The Future of Automotive Cybersecurity

As cyber threats grow in scale and complexity, industry leaders weigh in on the challenges and innovations that will define 2025. From AI-driven defenses to…

More Details

The Hidden Cybersecurity Risks of the EV Charging Ecosystem – A Critical Look

As electric vehicles become a staple of sustainable mobility, the infrastructure supporting them—particularly EV charging stations—is growing rapidly to meet demand.

More Details

Proactive Quality Detection Solution Overview

Accelerate the resolution of vehicle quality issues by 30% with ML and AI-based early detection and root cause investigations.

More Details
Skip to content