Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

Asset Identification

Asset identification can be regarded as a two-step-procedure, where

  • in step 1, all asset candidates are identified based on the design, and

  • in step 2, cybersecurity relevant assets are defined.

Step 1: Asset candidates

To manage your asset candidates open the Assets Selection in the RM folder.

grafik-20240827-053341.png

Add content as needed:

  • Text fields are provided to assign a Name and Description to your Asset.

  • Select an Element Category from drop-down menu as required.

  • The column Model Element provides a drop-down menu containing all model elements in your project that have the stereotype “Asset” assigned to them.

  • The column Vunerability provides a drop-down menu containing all model elements in your project that have the stereotype “Vunerability” assigned to them.

Step 2: Cybersecurity assets and damage scenarios

TARA main table - group “Asset Identification”

An asset candidate can be added to TARA table by either double-clicking in column Asset Name and selecting from drop-down menu, or dragging and dropping an asset from project assets view. Any attributes defined for the asset like Description and Element Category will be transferred along with the asset name.

grafik-20240809-094706.png

To further analyze an asset add a cybersecurity property by selection from drop-down menu in corresponding column Cybersecurity Property.

grafik-20240809-094739.png

TARA main table - group “Damage Scenario”

To finalize asset identification, you need to identify damage scenarios that might be realized in case an asset’s cybersecurity property is compromised.

To manage your damage scenarios, open the project damage scenarios view in the RM folder and click the grafik-20240827-053602.png - icon to add a new row.

grafik-20240827-053714.png

Name and Description are once again text fields which will take input after double-clicking them. A stakeholder can be selected from drop-down in column Stakeholder. The impact can be rated in the categories Safety, Financial, Operational, and Privacy or any additional category defined in a custom profile. Complete your damage scenario by filling in text in columns Justification and Assumptions on Impact as needed.

To assign a damage scenario from project damage scenarios view to an asset in TARA table drag it and drop it anywhere in a row. Alternatively a damage scenario can be selected from the drop-down menu in the column Name.

grafik-20240809-100756.png

  • No labels