Training / Education
Performing a Cybersecurity Threat Analysis and Risk Assessment
SAE J3061 sets out a recommended cybersecurity engineering process framework for organizations developing cyber physical systems. One of the recommendations of this framework is to carry out a threat analysis and risk assessment early in the product development. A threat analysis identifies and models the relevant threats against assets, and a risk assessment classifies the impact and likelihood associated with each threat. The approach enables the prioritization of risks and appropriate risk treatment measures to be determined in subsequent development phases.