Versions Compared

Old Version 1

changes.mady.by.user Ranveersinha A.

Saved on

compared with

New Version Current

changes.mady.by.user Ranveersinha A.

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents
minLevel3

Attack Path

Set of deliberate actions to realize a threat scenario.

Attack Path Steps

Enumerate each step needed to perform the threat scenario.

Attack Feasibility Rating

An attribute of an attack path describes the ease of successfully carrying out the corresponding set of actions. By default, the ISO/SAE 21434:2021 rating scale is used.

Creating a Manual Attack Path

Note

A Manual Attack Path refers to the manual way of describing and rating the feasibility of attack paths. It does not refer to potential based attacks or CVSS methodologies.

To create a Manual Attack Path

  1. In the Containment tree, right-click Attack Paths and Feasibility Ratings and select Create Element.



  2. Do one of the following:
    • In the dialog, expand ISO 21434 and select Manual Attack Path.



    • In the search tab, type the keyword attack and then select Manual Attack Path.



  3. Name the created Manual Attack Path in the Containment tree and press Enter. The Manual Attack Path has the prefix AP, which denotes that the created element is a Manual Attack Path; the number 1 indicates that it is the first Manual Attack Path created.

    Image Modified

Creating a Manual Attack Path Table

Info

If you create a new project using the ISO 21434 Project template, then a Manual Attack Paths table already exists in the 1.3 Attack Paths and Feasibility Ratings package.


To create a Manual Attack Path Table

  1. In the Containment tree, right-click Attack Paths and Feasibility Ratings and select Create Diagram.



  2. Do one of the following:
    • In the dialog, expand ISO 21434 and select Manual Attack Path Table.



    • In the search tab, type the keyword attack and then select Manual Attack Path Table.



      The Manual Attack Table is displayed in the diagram pane of the modeling tool.

Adding a Manual Attack Path to Manual Attack Path Table

To add a new Manual Attack Path to the Manual Attack Path Table

  1. In the Manual Attack Path Table, click Add New. A row is added in the Manual Attack Path Table, which shows the new Manual Attack Path.



  2. In the newly created Manual Attack Path's row and the Name column, double-click the designated cell to name the Manual Attack Path.

    Image Modified

To add an existing Manual Attack Path to the Manual Attack Path Table

  1. In the Manual Attack Path Table, click Add Existing.



  2. From the Select Attack Path dialog, select the required Manual Attack Path. A row is added to the Manual Attack Path Table, which shows the existing Manual Attack Path.

    Image Modified

  3. In the existing Manual Attack Path's row and the Name column, double-click the designated cell to rename the Manual Attack Path.

    Image Modified

Adding Attack Path Steps

To add Attack Path Steps to the Manual Attack Path Table

  1. Double-click the designated cell in the Attack Path Steps column and the required Manual Attack Path's row and click .



  2. From the Select Situationdialog, select Attack Path Steps.



    The Attack Path Steps now shown in the Manual Attack Path Table.

    Image Modified

Note
  • You can also drag and drop the Attack Path Step from the Containment tree to the Threat Scenario Table.
  • You can move the Attack Path Steps in the Select Situationdialog by clicking Up or Down.

 

Adding an Attack Feasibility Rating

To rate the Attack Feasibility

  • Double-click the cell in the Manual Attack Path's row and from the drop-down list, select Attack Feasibility Rating.

    Image Modified

    The Attack Feasibility Rating is now shown in the Manual Attack Path Table.

    Image Modified

Manual Attack Path Table Example

Image Modified

Info
titleReferences

ISO/SAE 21434:2021 Road vehicles-Cybersecurity engineer