C-SOX TARA

Owned by EnCo Software GmbH
Last updated: Jul 05, 2023 by Klaus Finsterbusch
1 min read

The C-SOX Threat Analysis and Risk Assessment (TARA) module meets your security needs with consideration of relevant standards such as ISO/SAE 21434 „Road vehicles – Cybersecurity engineering“ as the new industry standard for automotive cybersecurity.

In C-SOX security analysis starts with modelling the item or preliminary architecture based on SysML/UML. Asset candidates identified in the model are further analyzed in C-SOX TARA by identifying damage scenarios in regards to all relevant combinations of cybersecurity properties and stakeholders. The impact and attack feasibility of associated damage and threat scenarios, respectively, can be rated based on pre-defined and / or customized parameters. The attack feasibility can be rated by either using an attack potential based approach, CVSS based approach or attack vector. In addition rating parameters incl. their levels and mapping tables, as well as risk matrices can be customized and stored to a TARA profile for reuse.

 

Links

https://enco-software.atlassian.net/wiki/spaces/SUD/pages/3056074753