Glossary · ISO/SAE 21434

Attack Feasibility

Estimation of how achievable an attack path is, expressed via factors such as elapsed time, expertise, knowledge, opportunity, and equipment.

Attack feasibility (ISO/SAE 21434 Annex G) scores an attack path along five factors and aggregates them into a feasibility band (high, medium, low, very low). It combines with damage-scenario severity to produce the risk value used in risk treatment.

Related terms

Attack Path
Sequence of attacker steps from initial access to compromise of a cybersecurity property.
Risk Value
ISO/SAE 21434 risk score derived from impact (SFOP) and attack feasibility.
TARA
Threat Analysis and Risk Assessment — the structured cybersecurity risk method of ISO/SAE 21434.

Need help applying Attack Feasibility on a programme? Use the contact form or request a KAVACH demo.

Attack Feasibility

Attack Path

Risk Value

TARA