Architecture · Featured
Built an AI-assisted TARA platform that compresses a multi-week threat-analysis cycle into a structured workflow auditable against ISO/SAE 21434 and UNECE WP.29.
Assessment time: 75% faster
A European automotive OEM under hard regulatory pressure: ISO/SAE 21434 mandates a documented cybersecurity engineering process, and UNECE WP.29 makes type-approval contingent on it. The cybersecurity team was eight engineers serving twelve programme tracks, with assessments living in shared spreadsheets and a homegrown threat library that nobody fully trusted. Auditors wanted traceability the spreadsheets could not provide; engineers wanted hours of their week back.
The challenge
Manual TARA (Threat Analysis and Risk Assessment) was the long pole on every new vehicle programme. Spreadsheets, inconsistent terminology, and tribal knowledge meant assessments were slow, hard to audit, and impossible to scale to a programme launching three new models a year.
Approach
Reverse-engineered the existing TARA workflow with the cybersecurity leads to extract a canonical asset/threat/control taxonomy.
Designed a modular platform: asset discovery service, LLM-assisted threat suggestion, risk scoring engine, and an evidence-export pipeline aligned to the 21434 work products.
Trained the suggestion model on the OEM’s proprietary threat intelligence and CAN/Ethernet topology data; constrained outputs with a hand-curated control library so suggestions were always grounded.
Built the audit-export pipeline first to prove regulatory acceptance before the team committed to the workflow change.
Rolled out to one pilot programme, measured cycle time, then expanded to all twelve tracks once the cybersecurity team signed off.
The solution
An AI-assisted platform automating the TARA process from asset discovery to compliance reporting. The model proposes threats and ranks them by likelihood and impact; the engineer remains the decision-maker, but the reduction in boilerplate work is significant.
Security assessments span vehicle sensors, CAN networks, and proprietary threat intelligence. Every assessment is exportable as the 21434 work products auditors expect, with a clear provenance trail from raw asset to final risk score.
Reflections
The assessments stayed honest because the platform was built around the engineers’ judgement, not in spite of it. The AI never approves a risk score on its own — it suggests, the engineer decides, and the audit trail records both. That keeps the regulator comfortable and the team in control, which is the only way these tools survive contact with a real safety-critical environment.
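A minimal sketch of that suggest/decide split, added here as an illustration and not taken from the platform itself. The control IDs, the 1-5 score scale, and the `Assessment` class with its methods are all assumptions made for the example.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Constructed control library; IDs and names are illustrative only.
CONTROL_LIBRARY = {
    "CTL-001": "CAN message authentication",
    "CTL-002": "Gateway domain separation",
}

@dataclass
class Assessment:
    asset: str
    trail: list = field(default_factory=list)  # append-only audit records
    final: dict = field(default_factory=dict)  # threat -> engineer-approved score

    def _log(self, actor, action, **detail):
        self.trail.append({"ts": datetime.now(timezone.utc).isoformat(),
                           "actor": actor, "action": action, **detail})

    def suggest(self, threat, score, controls):
        """Record a model suggestion. It is rejected if it cites a control
        outside the curated library, and it never touches self.final."""
        unknown = [c for c in controls if c not in CONTROL_LIBRARY]
        if unknown:
            self._log("model", "suggestion_rejected", threat=threat, unknown=unknown)
            return False
        self._log("model", "suggested", threat=threat, score=score, controls=controls)
        return True

    def decide(self, engineer, threat, score, rationale):
        """Only a named engineer's decision sets the final risk score."""
        if not rationale.strip():
            raise ValueError("a decision needs a recorded rationale")
        self._log(engineer, "decided", threat=threat, score=score, rationale=rationale)
        self.final[threat] = score

def demo():
    a = Assessment(asset="Telematics ECU")  # constructed sample asset
    a.suggest("Spoofed CAN frames", 4, ["CTL-001"])
    a.suggest("Ungrounded threat", 5, ["CTL-999"])  # cites a control not in the library
    a.decide("engineer.a", "Spoofed CAN frames", 3, "gateway filtering lowers likelihood")
    return a

if __name__ == "__main__":
    for record in demo().trail:
        print(record)
```

The trail keeps the model's score and the engineer's score as separate records, so an auditor can see where the two diverged and why.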