Residual Risk Evaluation – Necessary Iteration

Posted: September 5, 2024

In this article

Jiannan Wang

The cybersecurity standard ISO/SAE 21434 illustrates the development workflow in the Automotive concept phase. Cybersecurity requirements are derived from goals based on the mitigations of TARA (Threat Analysis and Risk Assessment) processes. It does however not refer to how to evaluate the effectiveness and adequacy of the successful implementation of those requirements. To handle such cases, re-evaluation of risks with consideration of implemented requirements becomes a necessity.

SystemWeaver’s cybersecurity module provides not only the initial evaluation of risks but also a second evaluation after the definition of cybersecurity requirements. This offers a way for residual risk evaluation in the early concept phase, as a confirmation of the adequacy of deployed controls, rather than pushing it to verification and validation.

 

You may also be interested in

  • Driving car in mist

    Driving the Future of Automotive Development: How SystemWeaver Revolutionizes Software Product Lifecycle Management

    The automotive industry is undergoing a profound transformation, driven by the growing importance of software in vehicles. As the industry shifts towards Software Defined Vehicles (SDVs), the need for robust, comprehensive software product lifecycle management (PLM) solutions has never been greater. SystemWeaver is at the forefront of this revolution, offering a suite of tools and [...]

  • Grounded in AI System Engineering

    Grounded AI in System Engineering: Letting the SystemWeaver Model Do the Heavy Lifting

    We often see AI initiatives in engineering begin by pointing an LLM at documents, while the richest context – the structured system and safety data in MBSE/PLM tools – ends up as an afterthought. Our experience in safety-critical development is that the real asset is something else entirely – the system model you already keep [...]

  • How automotive software development i changing blog image

    How automotive software development is changing, and what that means for standards, architectures, and long term flexibility

    In this interview, Anders Hallgren, VP Product at SystemWeaver, shares his perspective on AUTOSAR, the shift toward service based communication, and why technology agnostic system design is becoming increasingly important for OEMs navigating rapid change. What is happening with AUTOSAR? From what we see through our participation and through our customers worldwide, the Classic Platform [...]