Karamba Security TARA (Threat Analysis and Risk Assessment) is a professional cybersecurity consulting service focused on assessing and managing cybersecurity risks for connected devices, particularly in the automotive sector. The service follows established TARA methodologies as defined in SAE J3061, ISO-21434, and UN R155 standards. It covers the full TARA process including asset identification, threat analysis, impact assessment, and risk assessment. The service is delivered by Karamba's cybersecurity researchers and automotive engineers with experience in infotainment systems, ADAS, EV systems, and gateway ECUs. Their familiarity with both Tier-1 suppliers and OEMs informs the analysis approach. Core process components include: - Threat Vulnerability Analysis: Identifying threat scenarios to cybersecurity properties of assets, examining weaknesses, and assessing exploitability. - Attack Path Analysis: Evaluating the feasibility and difficulty of attack paths based on expertise required, windows of opportunity, and other parameters. - Concept Phase: Collaborating with clients to develop a cybersecurity concept based on the full scope of identified risks. The output is intended to help organizations meet industry security requirements and establish a cybersecurity strategy for their connected devices and automotive systems.