Assurance of system cyber-security is a topic that is attracting a lot of attention in the automotive industry. This does not come as a surprise because cars today come loaded with features that require sourcing from and sharing information with multiple internal and external nodes. This attribute of the modern vehicle has the side effect of increasing the attack surface of the system. While this may seem like a new problem for the automotive industry, cyber-security has been an important topic for industries and organizations that develop, use, and monitor information technology systems. Many cyber security analysis methods and frameworks from IT industry are being applied as-is or with modifications to cyber security assurance needs of the automotive industry. In addition, there are numerous other cyber-security analysis methods in use and under development that are tailored to the automotive industry. Using traffic assist ADAS feature as an example, this study compares and contrasts family of cyber security analysis methods on key attributes of threat and hazard identification technique, risk assessment framework, threat and hazard ranking artifact, scenario generation process, requirements mapping process, and scope of the analysis method. Actionable cyber-security method and process recommendations are shared.
