Threat Analysis and Risk Assessment (TARA) - Intensive

In this one- or two-day workshop, we’ll provide you with the essential knowledge and practical experience to moderate and conduct an effective Threat Analysis and Risk Assessment (TARA) for automotive cybersecurity. TARA is central to ensuring compliance with automotive cybersecurity standards and is at the heart of any risk management strategy.

This training will guide you through your first TARA, introducing you to the risk assessment process outlined in Clause 15 of the international standard ISO/SAE 21434. While the standard provides the necessary «WHAT,» we will offer you a proven, step-by-step «HOW» to ensure successful implementation.

• Participants will collaboratively create an initial TARA.
• Each participant will receive an easy to use TARA tool, along with the TARA created during the workshop and a comprehensive risk assessment process documentation.
• Numerous real-world examples, common pitfalls, and practical tips to ensure smooth implementation.
• Insights into additional resources beyond ISO/SAE 21434 to support your TARA process.
• Learn how TARAs can be integrated across different levels of the supply chain for a unified approach.
• Learn differences and similarities to Automotive SPICE^® for Cybersecurity MAN.7 process.

• ISO/SAE 21434 Risk Assessment Method: Gain a deep understanding of the risk assessment methodology outlined in Clause 15 and the risk-based approach to threat analysis.
• Assessing Attack Feasibility: Learn how to evaluate different categories of impact for various damage scenarios and assess the likelihood of attacks.
• Asset Taxonomy: Understand how to select relevant assets, ensuring a comprehensive risk assessment process.
• Risk Treatment: Gain insight into how to treat risks effectively, from mitigation to acceptance.
• Supplementary Methods and External Resources: Discover how to enhance your TARA with additional methods and external sources such as MS STRIDE, ENISA, NIST, and more.
• Applying Clause 15 to the Concept Phase (Clause 9): Understand how to use TARA in the concept phase to set the foundation for ongoing cybersecurity efforts.
• TARA Case Study: Work through a detailed case study that applies the learned concepts step by step.
• TARA Facilitation: Learn how to facilitate a TARA session effectively within your team or organization.
• Risk Assessment Documentation: Understand the importance of thorough documentation for risk assessments, ensuring compliance and traceability.
• Outlook of latest discussions extending ISO/SAE 21434 edition 1 by CAL/TAF

The training «Threat Analysis and Risk Assessment (TARA) – Intensive» is offered in the following languages

• Training language: German, language training material: English
• Training language: English, language training material: English

This training is designed for professionals who:

• Are responsible for carrying out Threat Analysis and Risk Assessment (TARA) in their development projects.
• Are tasked with instructing colleagues on conducting regular risk analyses.
• Have future responsibilities related to automotive cybersecurity tasks.

Recommended prerequisites:

• first contacts to the terminology ISO/SAE 21434
• Training can be used as follow-up training to the Automotive Cybersecurity Engineer training.

Recommended Reading:

Before attending, we suggest reviewing “The New Cybersecurity Challenges and Demands for Automotive Organizations and Projects – An Insight View” from Springer to gain further context and prepare for the workshop.

Every participant receives:

• digital training material
• a digital certificate of participation

The Threat Analysis and Risk Assessment (TARA) – Intensive training is a one-day class (1 x 8hrs) that can be lengthened into a two-day, customized training for inhouse purposes.

For registrations until 6 weeks before the beginning at a scheduled training date we grant an early booking discount of 10% on the training price.

Alle Trainings dieses Themenbereichs

• Automotive SPICE®
  • intacs® certified Process Expert (Automotive SPICE® 4.0 incl. Guidelines)
  • intacs® certified Provisional Assessor (Automotive SPICE® 4.0)
  • intacs® certified Process Expert and Provisional Assessor (Automotive SPICE® 4.0)
  • intacs® certified Competent Assessor (Automotive SPICE® 4.0)
  • intacs® certified Automotive SPICE® Cybersecurity
  • Automotive SPICE® 4.0 – Official Upgrade
  • Automotive SPICE® 4.0 – Essentials
  • intacs® certified Automotive SPICE® Machine Learning