| Angenommene Version Download ( PDF | 609kB) |
Elevating TARA: A Maturity Model for Automotive Threat Analysis and Risk Assessment
Vielberth, Manfred
, Raab, Kristina
, Glas, Magdalena
, Grümer, Patrick
und Pernul, Günther
(2024)
Elevating TARA: A Maturity Model for Automotive Threat Analysis and Risk Assessment.
In: ARES 2024 The 19th International Conference on Availability, Reliability and Security, July 30 - August 02, 2024, Vienna, Austria.
Veröffentlichungsdatum dieses Volltextes: 18 Jul 2024 08:43
Konferenz- oder Workshop-Beitrag
DOI zum Zitieren dieses Dokuments: 10.5283/epub.58666
Zusammenfassung
The importance of automotive cybersecurity is increasing in tandem with the evolution of more complex vehicles, fueled by trends like V2X or over-the-air updates. Regulatory bodies are trying to cope with this problem with the introduction of ISO 21434, which standardizes automotive cybersecurity engineering. One piece of the puzzle for compliant cybersecurity engineering is the creation of a ...
The importance of automotive cybersecurity is increasing in tandem with the evolution of more complex vehicles, fueled by trends like V2X or over-the-air updates. Regulatory bodies are trying to cope with this problem with the introduction of ISO 21434, which standardizes automotive cybersecurity engineering. One piece of the puzzle for compliant cybersecurity engineering is the creation of a TARA (Threat Analysis and Risk Assessment) for identifying and managing cybersecurity risks. The more time security experts invest in creating a TARA, the more detailed and mature it becomes. Thus, organizations must balance the benefits of a more mature TARA against the costs and resources required to achieve it. However , there is a lack of guidance on determining the appropriate level of effort. In this paper, we propose a data-driven maturity model as a management utility facilitating the decision on the maturity-cost trade-off for creating TARAs. To evaluate the model, we conducted interviews with seven automotive cybersecurity experts from the industry.
Alternative Links zum Volltext
Beteiligte Einrichtungen
Details
| Dokumentenart | Konferenz- oder Workshop-Beitrag (Nicht ausgewählt) | ||||
| Open Access Art: | SHERPA/RoMEO | ||||
|---|---|---|---|---|---|
| Datum | 2024 | ||||
| Institutionen | Wirtschaftswissenschaften > Institut für Wirtschaftsinformatik > Lehrstuhl für Wirtschaftsinformatik I - Informationssysteme (Prof. Dr. Günther Pernul) Informatik und Data Science > Fachbereich Wirtschaftsinformatik > Lehrstuhl für Wirtschaftsinformatik I - Informationssysteme (Prof. Dr. Günther Pernul) | ||||
| Identifikationsnummer |
| ||||
| Verwandte URLs |
| ||||
| Stichwörter / Keywords | Threat Analysis and Risk Assessment, Maturity Model, Automotive Cybersecurity | ||||
| Dewey-Dezimal-Klassifikation | 000 Informatik, Informationswissenschaft, allgemeine Werke > 004 Informatik | ||||
| Status | Veröffentlicht | ||||
| Begutachtet | Ja, diese Version wurde begutachtet | ||||
| An der Universität Regensburg entstanden | Zum Teil | ||||
| URN der UB Regensburg | urn:nbn:de:bvb:355-epub-586667 | ||||
| Dokumenten-ID | 58666 |
Downloadstatistik
Downloadstatistik