With the adoption of new cyber security standards, development departments and stakeholders are increasingly focusing on the importance of this topic. Safety standards such as EN 5012x (railway) and ISO 26262 (automotive) are familiar to many developers. New, however, are security standards such as EN TS 50701 for railway and ISO 21434 for automotive.
Terms such as CIA and TARA are omnipresent. We show what they are all about.
In the cyber security environment, the "CIA triad" has established itself as a core objective. It describes the three essential requirements when we talk about the security of data and information:
Data must therefore be made available in a timely manner, free of errors, and only to authorized persons.
The primary tool to define the approach of the development department is the Cyber Security Risk Analysis, in ISO 21434 it is called Threat Analysis and Risk Assessment (TARA). The goal of the TARA is to determine the High Level Cyber Security Requirements. The execution itself can be divided into a sequential process.
The greatest impact on the development is the implementation of the elaborated requirements. These must be handled with particular care and result in the adaptation of all documents or templates that describe the requirements in the project (Requirements Specification, Architecture, Design, Test Specification, Tracibility Matrix Verification Plan, etc.).
At Hitex we are embedded experts since 1976 with experience in embedded systems development and production.
Hitex engineering services cover the complete product development process in the embedded area. Benefit from our experience, regardless of whether you commission us with a sub-project or a complete project. Build on a team of qualified developers for high-quality development processes, also ISO 21434-compliant.