Release Notes

Knowledge Base

Additional information, tips and tricks can now be accessed under Since the last release we have given a couple of presentations on how to do an ISO/SAE 21434 compliant TARA with our tool. You may watch it here at the very bottom.

Important Changes

Threats may act on Channels

Channels model the physical connections between two components. Allowing them to have multiple endpoints in 20.1 enabled to use them when modeling a bus. With this release of version 2020.2, we have integrated them with Threats and Security Objectives. As a result, channels may now be the target of a security consideration. For example, you may now let a flooding attack directly affect a channel and let it propagate to all its contained dataflows. Of course, the assistants are aware of them and make according suggestions for that.

How to enable respective Suggestions in your existing Analysis?

While new analyses have assistance for channels ready to go, two minor changes are required to your assessment model to enable channel-traversing suggestions in existing analyses:

  • First, you’ll need to open the production rule set and add a rule to traverse from channel to their contained transmissions. You may also add a rule to traverse between channels and their endpoint components.


  • Second, open the security property matrix which lives right next to the production rule set. You may observe that a couple of new checkboxes have appeared. Check the appropriate boxes to declare which security properties should propagate when traversing the system model (Hint: A good start is to check the diagonal that traverses from integrity to integrity, availability to availability and so on).

That’s it. To see the new suggestions, go to the “Threat Assistant” and press the “Refresh Button” at the top. They will be visible under “Channel threatened by Threat Class”.

Security Property Matrix

“Impossible” Threats and Controls

An attack feasibility rating without any factor set no longer means “impossible”, but instead means “very easy”. As a result, any combined threats (such as preparation steps) will provide the factors to calculate the combined feasibility. If you want a control or threat to indeed be marked as impossible to keep having a combined feasibility of “impossible”, just set the checkmark.

Existing analyses are migrated so that the calculated risk level is not changed, i.e. threats or controls that do not specify at least one risk factor or explicit attack feasibility are marked as “impossible”.

Inspect Internal Paths for Risk Calculation

If unsure about what’s going on there, the tool now provides more insight. Just focus the title of a threat (or any other propagation participant), press ALT+Enter and select “Show paths in inspector”. When focusing any propagation participant in this chunk, the inspector will now display the paths that are considered for risk calculation. Once you’re done, simply click that button inside the inspector to return to the normal inspector view.

Relation Expressions can be imported and exported to XSAM

XSAM now also covers the complex relations inside the security model, i.e. threatened by, depends on, mitigated by and prepared by. More information can be found in the user guide.

Various Fixes and Improvements

  • Fixed possibly altered internal IDs if a threat or control catalog was imported
  • Fixed unintended scrolling in the assistants when suggestions are accepted or rejected
  • Improved ISO/SAE 21434 example shipped with the tool (see examples folder)
  • Minor editor improvements