ISO/SAE 21434: Why Implement TARA for ADS Systems?
Advanced Driving Automated Systems (ADAS) such as Automatic Emergency Braking (AEB), Lane Keep Assist System (LKAS) are revolutionizing the automotive industry, enhancing driving experience and innovating vehicle safety. Vehicles are becoming smarter, more connected, and more technologically advanced. Times are changing — vehicles are no longer mechanically oriented, they are becoming more software oriented, which is exciting. However, it is crucial to ensure these technologies are cybersecure.
How Do ADAS Systems Work?
ADAS features rely on sensors, cameras, radar, and software working together to process data in real time. The system then makes split-second decisions, such as braking automatically to prevent a collision. Because these decisions directly affect driving, any cybersecurity weakness could have serious safety consequences.
What is Automotive Cybersecurity?
Automotive cybersecurity ensures vehicles are cybersecure during development, and also when on the road. Modern vehicles are essentially “computers on wheels” with dozens of Electronic Control Units (ECUs) and communication networks. If these ECU networks are compromised it could endanger safety, finances, operations, and privacy. That is why ISO/SAE 21434 requires a structured approach to identify all possible threats and ensures each threat is accounted for by implementing Threat Analysis and Risk Assessment (TARA).
What is a TARA?
A Threat Analysis and Risk Assessment (TARA) is a structured process defined by ISO/SAE 21434 that includes a combination of activities:
- Asset Identification: What are we trying to protect?
- Damage Scenario Identification: What happens if we can’t protect the Asset?
- Impact Rating: What is the impact of the Damage Scenario?
- Threat Scenario Identification: How can the Damage Scenario be realized?
- Attack Path Analysis: What are the practical steps an attacker would take to achieve the threat scenario?
- Attack Feasibility: How easy is it to implement the attack path?
- Risk Value Determination: What is the overall risk value?
- Risk Treatment Decision: How to address these risks?
How Does TARA Differ for ADAS Systems?
The foundation of a TARA is the same whether you are evaluating an airbag ECU or a highly complex ADAS ECU such as an AEB (Automatic Emergency Braking) system. However, the content captured is tremendously different.
The Airbag ECU is reactive, mostly impacted by direct access or firmware tampering. On the other hand, the AEB ECU is proactive and influenced by external data increasing the attack vector.
Example TARA Comparison: Airbag ECU vs. AEB ECU
| TARA | Airbag ECU | AEB ECU |
|---|---|---|
| Assets | Internal crash sensor, airbag deployment algorithm | External sensors (camera, LiDAR, radar), perception software, actuator control commands |
| Damage Scenarios | Failure to deploy due to modified ECU software | Unintended AEB activation due to tampered sensor data |
| Threat Scenarios | Tampering with firmware update | Spoofing radar/camera signals to create phantom objects |
Why Implement TARA for ADAS?
Without a well structured TARA, cybersecurity risks such as sensor spoofing, message tampering, or unauthorized ECU access may go unnoticed until malicious individuals discover it and then it is too late. Implementing a TARA ensures:
- ADAS systems remain both safe and secure
- Risks are identified early in development
- Countermeasures are designed into the system, not patched later
Need Support Implementing an Effective TARA?
SRES offers an ADS TARA Workshop where industry experts walk through an AEB TARA implementation using a real world ECU example. You will also get hands-on practice with a free TARA tool you can adapt for any of your systems.
Find all SRES training offerings here.
Have insights or questions? Leave a comment below—we welcome thoughtful discussion from our technical community.
