Threat Scenario
Potential cause of compromise of cybersecurity properties of one or more assets in order to realize a damage scenario.
Attack Path
Set of deliberate actions to realize a threat scenario.
Failure
Termination of an intended behavior of an element or an item due to a fault manifestation.
To create a Threat Scenario
If you create a new project using the ISO 21434 Project template, then a Threat Scenario Table already exists in the 1.2 Threat Scenarios package. |
To create a Threat Scenario Table
To add a new Threat Scenario to the Threat Scenario Table
To add an existing Threat Scenario to the Threat Scenario Table
To create a custom threat type
Threat Types are displayed by default in the TARA analysis as Threat Scenarios. To prevent that, you must create the Threat Types in a dedicated package or library. |
You can group the custom-created threat types by creating custom packages and placing them under the custom packages. To create a new package, you must create a generalization set of the required custom threat types. To learn more about creating a generalization set, refer to Generalization set.
The following example displays a typical scenario in which a generalization set can be created.
You can also create subcategories of the custom-created threat types. Doing so will create a nesting effect in the Select Threat Type dialog.
To create subcategories of the custom-created threat type
To add a Threat Type
You can add multiple attack paths for a given Threat Scenario. |
To add an Attack Path
|
To add a Failure
You can also drag and drop the Failure modes from the Containment tree to the Threat Scenario Table. |
You can add multiple Impacted Assets for a given Threat Scenario. |
To add an Impacted Asset
You can also drag and drop the Impacted Assets from the Containment tree to the Threat Scenario Table. |
The maximum value among all the attacks paths for the given threat scenario is considered as the Aggregated Attack Feasibility Rating. |