Embedded Threat Modeling: Overcoming CRA Cybersecurity Challenges

One of the central requirements of the EU Cyber Resilience Act is that manufacturers must assess and evaluate the cybersecurity risks their product is exposed to, and formally document how that was done. This means that a formal risk assessment procedure is crucial for securing compliance.

In this webinar, Jon Oster, Principal Product Security Architect, give an introduction to the concept of formal threat modeling, describe one formal framework that can be used to meet the CRA's requirements, and show how Toradex System on Modules and Torizon OS can help reduce cybersecurity residual risk.

Key Takeaways:

• Learn what threat modeling is, and how it relates to the CRA's "cybersecurity risk assessment" requirement
• Why recognized methods and standards are preferable, and make your life easier
• Introduce MITRE EMB3D, a free framework already widely in use
• Show how Torizon OS easily mitigates many of the risks identified in the System Software portion of MITRE EMB3D