The first step is to record the current status. For this purpose, we first get an exact picture of the system/subsystem to be analysed. This means what kind of component, what kind of device or perhaps what kind of IoT device we should analyse. We record all data, interfaces and components that are available and which functions are to be implemented. Together with the customer, we then define what is worth protecting in the system.
As next step, we conduct the threat analysis. For this purpose, attack trees are created in which the individual attack steps that a potential attacker would carry out to attack the system are systematically documented. At this point it is evaluated how likely or costly these attacks are.
In the third step, we deal with the evaluation of the damage caused by the attacks on the system. For example, safety, privacy or financial damage can result from a successful attack.
The final step involves combining likelihood and impact to calculate a risk value. This subsequently serves as the basis for the client to decide which risks are acceptable in the system or which have to be mitigated. For the risks to be mitigated, High-Level Security Requirements are identified again at the end so that the customer knows, what their “main construction sites” in the system are and which points must be addressed in a subsequent security concept.