Morten Harter

Context: The automotive TARA (Threat Analysis and Risk Assessment) is a methodology used to create cyber security assessments for automotive systems. Currently, this methodology is only loosely defined, resulting in overall differences, as well as limited comparability and reusability between assessments. These limitations are partly considered by TRADE (https://doi.org/10.13154/294-8355) and MoRA (https://dl.acm.org/doi/10.1145/3569458), but do not cover all relevant aspects.

Goal: Extend the automotive TARA to allow modularity through formally defined interfaces. These interfaces will enable the combination of system components and their partial assessments into a complete system-wide assessment.

Requirements: Prior knowledge about modelling languages (e.g. SysML), automotive systems and risk assessment is not required but might be helpful. Knowledge about IT Security in general can be helpful.