Automotive Cybersecurity Threat Analysis

Isograph's AttackTree software provides an integrated environment for analysing the cybersecurity of automotive systems in keeping with cybersecurity standards ISO 21434 and SAE J3061. AttackTree incorporates tools for Threat Analysis, Attack Tree Analysis and Mitigation Tree Analysis.

Threat Analysis provides a user-friendly, graphical interface to construct an asset hierarchy and identify threats to those assets. Threats may be ranked by likelihood, severity and controllability. A template is provided for performing threat analyses in compliance with ISO 26262, as well as the HEAVENS and EVITA methodologies. Facilities are also provided for the user to create custom risk matrices.

Attack tree analysis is a top-down or deductive approach. Attack paths are deduced for the item or component based on historical knowledge of vulnerabilities in similar systems and components. A top-down approach is useful in the concept and development phases when implementation of the current item or component is not available, or when effort is directed toward building attack hypotheses or attack path models

The Attack Tree analysis tool provides a framework for the construction and analysis of attack tree diagrams. With an attack tree, the user can identify all possible paths to a threat and rank those paths by likelihood. An attack tree gate may be linked to a threat in the Threat Analysis module and the calculated frequency of the gate used to automatically assign a likelihood ranking to the threat.

The Mitigation Tree tool allows the user to identify all possible outcomes of a threat and rank them by their likelihood. Each branch of a mitigation tree may be linked to a gate or basic event in the event tree module.

AttackTree incorporates a powerful reporting facility. A variety of standard report templates are supplied with the software, and custom report creation tools are provided to aid the user in meeting any specialised reporting requirements.