Morten Harter

Context: TARA (Threat Analysis and Risk Assessment) is a methodology used to create cyber security assessments for automotive systems. Currently, this methodology is only loosely defined, resulting in overall differences, as well as limited comparability and reusability between assessments. These limitations are partly considered by TRADE (https://doi.org/10.13154/294-8355) and MoRA (https://dl.acm.org/doi/10.1145/3569458), but do not cover all relevant aspects.

Goal: Create a formalization approach and extend the TARA model to include a more precise and specific system model. Further define interfaces that allow to connect system components and their assessments to other components.

Requirements: Prior knowledge about modelling languages (e.g. SysML), automotive systems and risk assessment is not required but might be helpful. Knowledge about IT Security in general can be helpful.