ISO 26262-compliant Security threat analysis tool

  • Target Industries : Mainly automotive industry
  • Target Category : Embedded Software Development Division

Seculia is a security threat analysis support tool that employs a threat analysis methodology centered on Attack Trees (AT: Attack Trees).

Seculia is a Security Analysis tool that uses a widely used Attack-tree based threat analysis method. It can be applied to secure development processes like ISO 26262's Part 3 safety concepts, Part 4 (System Level Development), Part 5 (Hardware Development), and Part 6 (Software Development) or equivalent.

Safety/Security processes and FT/AT/FT-AT diagram examples

  • Feature 1
    Current status of security in the IT industry
    In the IT industry, there is currently no development method for identifying and assessing security-related threats, and designing countermeasures (security features).
    Therefore, we consider that there is no generally adopted analysis and assessment method like the ones established in the Safety domain. However, similar to the functional safety approach for in-vehicle systems, we think that threat analysis, assessment, and appropriate countermeasures are indispensable for the best development of security functions.
  • Feature 2
    Seculia supports security threat analysis for a secure development process
    “Seculia” is a tool to perform Security Threat Analysis for a secure Development process, using both FTA, ATA, and their mutual effects on each other. Mixing Fault trees and Attack Trees in a single diagram is possible. Modularization (through an UML package) and Risk Assessment of the AT are also possible, helping EVITA-style Analysis. This tool is jointly developed by C.A.B. Technologies Co., Ltd. and GAIO Technology Co., Ltd.
  • Feature 3
    Seculia use phases and merits
    By using a Secure development process similar to the Parts 3 (Safety Concept) 4 (System Development), 5 (Hardware Development), and 6 (Software Development) of the ISO 26262 Safety standard for Automotive, the joint and mutual effects of the Safety and Security Analysis can be evaluated.
  • Function 01

    Security analysis tools using the threat analysis method

    • [Basic Features]
      • FT/AT diagram creation/editing
      • Write AT diagrams within FT diagrams Import package to help Modularization of the AT
      • AT Risk assessment calculation
      • Support EVITA-style analysis
      • More extensions to the AT diagram under development

      [Option features (under development)]
      • Risk assessment calculation

Product Catalogues