Glossary · ISO/SAE 21434

Threat Scenario

Plausible way an attacker can compromise a cybersecurity property of an asset.

A threat scenario describes how an attacker compromises an asset's cybersecurity property — typically expressed using STRIDE-style categories (Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege). It is the bridge between damage scenarios and attack paths.

Related terms

Damage Scenario
Description of the harm that occurs when a cybersecurity property of an asset is compromised.
Attack Path
Sequence of attacker steps from initial access to compromise of a cybersecurity property.
TARA
Threat Analysis and Risk Assessment — the structured cybersecurity risk method of ISO/SAE 21434.

STRIDE for automotive threat modelling

Need help applying Threat Scenario on a programme? Use the contact form or request a KAVACH demo.

Threat Scenario

Damage Scenario

Attack Path

TARA