Threat Analysis and Risk Assessment | ISO/SAE 21434 and WP.29 CSMS

TEAM UPSTREAM

For WP.29, as part of the CSMS requirement, it’s required to apply TARA throughout the vehicle lifecycle. When you build a vehicle, you need to apply TARA on the critical vehicle components and as a result of this TARA, you need to apply mitigation inside the vehicle.

But, you also need to emit logs, that will later be used in the post-production detection system, and, you also need to secure the supply chain.

In post-production, you need to leverage these logs and additional logs, to apply post-production detection.

And, over the entire lifecycle of the vehicle, you need to have a process to assess risk, categorize risk, and apply risk treatment decisions, as part of your TARA process.

WP.29 also provides a specific list of threats in Annex Five of the regulation, that actually outlines a comprehensive list of attacks that cover many of the interfaces of the vehicle.

This list of attacks is used as a baseline for securing the vehicle, both in development and in post-production.

 

Newsletter Icon

Subscribe
to our newsletter

Stay up-to-date on the latest trends, emerging risks, and updates

Cybersecurity and compliance in the age of autonomy

As autonomous technologies advance toward Levels 3-4, securing these innovative systems requires a unique product cybersecurity approach.

More Details

Cybersecurity in motion: Safeguarding mobility critical infrastructure

The evolution of connected mobility, electrification, and data-driven services has transformed them into critical infrastructure, reshaping the risk landscape of smart mobility. This shift demands&hel

More Details

Global Automaker Partners with Upstream to Enhance Fleet Cybersecurity

More Details

Upstream Security and Volta Team Up to Safeguard the Future of Electric Fleets

Ensuring driver safety, vehicle safety, and cybersecurity resilience is a top priority for Volta. We’re thrilled to support this commitment and showcase how our collaboration…

More Details

Podcast by Sonatus: Navigating Cybersecurity Threats in the Automotive Industry

Auto Tech Detroit 2024 highlighted the pressing issue of cybersecurity in the automotive ecosystem. Recorded live during the event, John Heinlein, CMO of Sonatus, had…

More Details

H1’2024 Report: Redefining Automotive & Smart Mobility IoT Cyber Risks

SIM-enabled IoT devices, primarily in the automotive and smart mobility ecosystem, have evolved into critical infrastructure, redefining cyber risks and requiring stakeholders to ensure safety,&hellip

More Details
Skip to content