Threat Analysis and Risk Assessment | ISO/SAE 21434 and WP.29 CSMS


Under WP.29, the CSMS requirement mandates applying TARA throughout the vehicle lifecycle. When you build a vehicle, you need to apply TARA to the critical vehicle components and, based on the results of that TARA, apply mitigations inside the vehicle.


But you also need to emit logs that will later be used by the post-production detection system, and you need to secure the supply chain.


In post-production, you need to leverage these logs, along with additional logs, for post-production detection.


And over the entire lifecycle of the vehicle, you need a process to assess risk, categorize risk, and apply risk treatment decisions as part of your TARA process.


WP.29 also provides a specific list of threats in Annex 5 of the regulation: a comprehensive list of attacks that covers many of the vehicle's interfaces.


This list of attacks is used as a baseline for securing the vehicle, both in development and in post-production.