2nd/10_Wiki/Topics/Architecture/TARA.md
Antigravity Agent f8b21af4be Wiki cleanup: error-doc removal, dedup merge, link normalization
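Large-scale cleanup of 10_Wiki/Topics:
- Removed 227 error-capture / unfinished stub documents
- Merged 43 cross-folder duplicate clusters (63 files → redirect)
- Link-name normalization: broken links fixed, redirects linked directly, concepts mapped, ~2,400 cases
- Created 6 new category MOCs
- Removed 10,058 unresolved related-keyword links from Graph sections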

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-20 23:52:15 +09:00

---
id: wiki-2026-0508-tara
title: TARA (Threat Analysis and Risk Assessment)
category: 10_Wiki/Topics
status: verified
canonical_id: self
aliases: [Threat Analysis Risk Assessment, ISO 21434 TARA, Automotive Threat Modeling]
duplicate_of: none
source_trust_level: A
confidence_score: 0.9
verification_status: applied
tags: [security, threat-modeling, automotive, iso-21434]
raw_sources: []
last_reinforced: 2026-05-10
github_commit: pending
tech_stack:
  language: methodology
  framework: iso-21434
---
# TARA (Threat Analysis and Risk Assessment)
## One-line summary
> **"The mandatory threat modeling of automotive cybersecurity."** The core process of ISO/SAE 21434: systematically identify, assess, and treat the cybersecurity risk of a vehicle E/E system. A prerequisite for UNECE R155 type approval as of 2026.
## Core concepts
### The 7 steps (ISO 21434 §15)
1. **Asset identification**: define the cybersecurity properties (CIAA).
2. **Threat scenario identification**: apply STRIDE/EVITA.
3. **Impact rating**: Safety, Financial, Operational, Privacy (SFOP).
4. **Attack path analysis**: attack tree / kill chain.
5. **Attack feasibility rating**: time, expertise, knowledge, opportunity, equipment.
6. **Risk determination**: Impact × Feasibility → 1-5 risk value.
7. **Risk treatment**: avoid, reduce, share, retain.
### STRIDE for automotive
- **S**poofing: ECU identity forgery (CAN ID).
- **T**ampering: firmware modification, OTA hijack.
- **R**epudiation: absence of audit logs.
- **I**nfo disclosure: GPS/PII leak.
- **D**oS: CAN bus flood.
- **E**oP: pivot from infotainment to a drive ECU.
### Versus IT threat modeling
- **Lifecycle**: a 15-year vehicle lifetime, so long-term updates.
- **Safety coupling**: cyber → physical harm (brakes).
- **Supply chain**: multi-tier (OEM ← T1 ← T2).
- **Standards**: ISO 21434 + UNECE R155 are mandatory.
### Applications
1. New vehicle development (concept phase).
2. CSMS audit evidence.
3. Post-incident re-assessment.
## 💻 Patterns
### Asset table (YAML)
```yaml
assets:
  - id: ASSET-01
    name: Brake control message
    properties: [integrity, availability]
    rationale: Loss → safety-critical
  - id: ASSET-02
    name: GPS trajectory log
    properties: [confidentiality]
    rationale: PII / GDPR
  - id: ASSET-03
    name: ECU firmware
    properties: [integrity, authenticity]
```
### Damage scenario × impact rating
```yaml
damage_scenarios:
  - id: DS-01
    asset: ASSET-01
    description: Attacker injects fake brake-release message
    impact:
      safety: severe        # S3 (life-threatening)
      financial: moderate
      operational: major
      privacy: negligible
    overall: severe
```
### Threat scenario (STRIDE)
```yaml
threats:
  - id: TS-01
    target: ASSET-01
    stride: tampering
    description: Spoof brake CAN frame from compromised infotainment
    leads_to: DS-01
```
### Attack path
```
Internet → Telematics gateway (CVE-X) → Internal CAN gw bypass →
Body CAN → Inject 0x100 brake frame
```
### Feasibility rating (ISO 21434 Annex G)
```yaml
attack_path: AP-01
factors:
  elapsed_time: 1_to_6_months  # 4 pts
  expertise: expert            # 6 pts
  knowledge: restricted        # 3 pts
  window: easy                 # 1 pt
  equipment: specialized       # 4 pts
total: 18                      # → Medium feasibility
```
### Risk matrix
```
                 Feasibility →
Impact ↓      VeryLow  Low  Med  High
Severe           2      3    4    5
Major            1      2    3    4
Moderate         1      1    2    3
Negligible       1      1    1    2
```
### Treatment plan
```yaml
risk: R-01 (severe × medium = 4)
treatment: reduce
controls:
  - C-01: Message Authentication Code (MAC) on brake CAN
  - C-02: Secure boot on telematics gateway
  - C-03: Firewall rules between domains
residual_risk: 2  # acceptable
```
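
The scoring chain from the patterns above (feasibility points → level → risk matrix), as an added example that is not part of the original page: it recomputes R-01 from the page's own numbers and reports threats whose asset or attack path is missing. The `attack_paths` list, the `attack_path` field on threats, the band limits in `feasibility_level`, and the worst-of-SFOP rule are assumptions.

```python
IMPACT = ["negligible", "moderate", "major", "severe"]
FEASIBILITY = ["very_low", "low", "medium", "high"]
# Risk matrix from the page: row = impact, column = feasibility (VeryLow..High).
RISK_MATRIX = {"severe": [2, 3, 4, 5], "major": [1, 2, 3, 4],
               "moderate": [1, 1, 2, 3], "negligible": [1, 1, 1, 2]}

def feasibility_level(points):
    # Band limits are an assumption; the page only states that 18 maps to Medium.
    total = sum(points.values())
    for limit, level in ((13, "high"), (19, "medium"), (24, "low")):
        if total <= limit:
            return level
    return "very_low"

def overall_impact(sfop):
    # Assumption: overall impact is the worst SFOP category, as DS-01 shows.
    return max(sfop.values(), key=IMPACT.index)

def assess(tara):
    """Return ({threat id: risk value}, [traceability errors])."""
    assets = {a["id"] for a in tara["assets"]}
    damage = {d["id"]: d for d in tara["damage_scenarios"]}
    paths = {p["id"]: p for p in tara["attack_paths"]}
    risks, errors = {}, []
    for t in tara["threats"]:
        if t["target"] not in assets:
            errors.append(f"{t['id']}: unknown asset {t['target']}")
        ds = damage.get(t["leads_to"])
        ap = paths.get(t.get("attack_path"))  # hypothetical link field
        if ds is None or ap is None:
            errors.append(f"{t['id']}: no damage scenario or attack path")
            continue  # never fall back to an impact-only risk value
        level = feasibility_level(ap["factors"])
        risks[t["id"]] = RISK_MATRIX[overall_impact(ds["impact"])][FEASIBILITY.index(level)]
    return risks, errors

# Constructed sample mirroring ASSET-01 / DS-01 / TS-01 / AP-01; TS-02 is a broken record.
SAMPLE = {
    "assets": [{"id": "ASSET-01"}, {"id": "ASSET-02"}],
    "damage_scenarios": [{"id": "DS-01", "impact": {
        "safety": "severe", "financial": "moderate",
        "operational": "major", "privacy": "negligible"}}],
    "attack_paths": [{"id": "AP-01", "factors": {
        "elapsed_time": 4, "expertise": 6, "knowledge": 3,
        "window": 1, "equipment": 4}}],
    "threats": [
        {"id": "TS-01", "target": "ASSET-01", "leads_to": "DS-01", "attack_path": "AP-01"},
        {"id": "TS-02", "target": "ASSET-09", "leads_to": "DS-01"},
    ]}
```

`assess(SAMPLE)` gives TS-01 a risk value of 4, matching R-01, and returns two errors for TS-02 instead of a score.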
## Decision criteria
| Situation | Approach |
|---|---|
| Automotive E/E (mandatory) | TARA per ISO 21434 |
| IT system | STRIDE / PASTA |
| Industrial control (ICS) | IEC 62443 ZCR |
| Generic risk | NIST 800-30 |

**Default**: ISO 21434 TARA, required for OEM type approval (UNECE R155).
## 🔗 Graph
- Variants: [[STRIDE]] · [[OCTAVE]]
## 🤖 LLM usage
**When**: threat scenario brainstorming, attack tree generation, control gap analysis.
**When not**: final risk decision (sign-off by a human cybersecurity engineer).
## ❌ Anti-patterns
- **One-shot TARA**: TARA is updated across the lifecycle; a vulnerability or incident triggers it.
- **Generic STRIDE only**: augment with the automotive-specific EVITA.
- **Skipping feasibility**: impact-only risk is inflated.
- **Doc theater**: controls are not implemented, so there is no evidence.
## 🧪 Verification / duplicates
- Verified (ISO/SAE 21434:2021, UNECE WP.29 R155, EVITA project).
- Trust level A.
## 🕓 Changelog
| Date | Change |
|---|---|
| 2026-05-08 | Phase 1 |
| 2026-05-10 | Manual cleanup — ISO 21434 7-step TARA, automotive STRIDE |