Threat Analysis and Risk Assessment (TARA): Method training

Manufacturers and integrators of embedded systems are confronted with regulations such as the Cyber Resilience Act, the Medical Device Regulation or the Machinery Directive. These require products to be developed securely. To ensure that these are "Secure by Design", a staggered security concept is required. This is created on the basis of a "Threat Analysis and Risk Assessment". The "Threat Analysis and Risk Assessment" workshop provides the necessary theory and practice for this. The training participants are trained in the necessary methods, which are applied directly to a minimal case study. The participants should be enabled to understand threat models and be able to carry them out independently.
 
Content:

• Project phases of threat modelling
• Description of system, use and environment
• Threat analysis
• Risk assessment

Note: This course teaches content that can be used to fulfil the requirements of the following standards:

• IEC 62443 (Industrial)
• ISO 21434 (Automotive)
• IEC 81001 (Medical)
• TS 50701 (Railway)
• IEC 63452 (Railway) 

Target group:
Project managers, security managers, requirements engineers, prospective threat modellers, architects, developers, testers
 
Customer Benefit:

• Understanding the purpose and objective of threat modelling
• Learning threat modelling methods
• Knowledge of the basic approach to threat modelling
• Joint development of a threat model using a specific example 

Previous knowledge:

• Basic understanding of cyber security
• Sound technical knowledge 

Duration:
1 day