Vehicle cybersecurity vulnerabilities could impact a vehicle's safe operation. Therefore, engineers should ensure that systems are designed free of unreasonable risks to motor vehicle safety, including those that may result due to existence of potential cybersecurity vulnerabilities. The automotive industry is making vehicle cybersecurity an organizational priority.
SAE J3061 sets out a recommended cybersecurity engineering process framework for organizations developing cyber physical systems. One of the recommendations of this framework is to carry out a threat analysis and risk assessment early in the product development. A threat analysis identifies and models the relevant threats against assets, and a risk assessment classifies the impact and likelihood associated with each threat. The approach enables the prioritization of risks and appropriate risk treatment measures to be determined in subsequent development phases.