Morten Harter

Context: Cyber-physical systems (CPS) combine digital and physical components. Vulnerabilities in these systems can endanger both users and bystanders. While threat analysis and risk assessment are established practices during development, current methodologies lack support for configurable and modular systems.

Goal: The goal is to extend an existing methodology into a formalized, modular approach to threat and risk analysis. The approach should allow partial assessments of individual components that can later be reused and integrated into a full system-wide assessment.

Requirements: Prior knowledge about modelling languages (e.g. SysML), automotive systems and risk assessment is not required but might be helpful. Knowledge about IT Security in general can be helpful.