Glossary · ISO/SAE 21434
TARA
Also known as: Threat Analysis and Risk Assessment
Threat Analysis and Risk Assessment — the structured cybersecurity risk method of ISO/SAE 21434.
TARA is the analytical core of ISO/SAE 21434 Clause 15. It moves from item definition and asset identification, through damage and threat scenarios, attack-path and attack-feasibility analysis, risk determination, and risk treatment. The output drives cybersecurity goals, claims, requirements, controls, and the verification evidence captured in the cybersecurity case.
Why it matters
TARA is the activity assessors and OEM cybersecurity teams scrutinise hardest. Inconsistent risk scoring and thin attack-path coverage are the most common audit findings.
Related terms
Component, function, data flow, or property of an item whose compromise can cause harm.
Description of the harm that occurs when a cybersecurity property of an asset is compromised.
Plausible way an attacker can compromise a cybersecurity property of an asset.
Sequence of attacker steps from initial access to compromise of a cybersecurity property.
Estimation of how achievable an attack path is, expressed via factors such as elapsed time, expertise, knowledge, opportunity, and equipment.
ISO/SAE 21434 risk score derived from impact (SFOP) and attack feasibility.
Top-level cybersecurity objective derived from a threat scenario at the item level.