Threat Assessment and Remediation Analysis (TARA)

Abstract

Threat Assessment and Remediation Analysis (TARA) is an engineering methodology used to identify and assess cyber vulnerabilities and select countermeasures effective at mitigating those vulnerabilities. TARA is part of a MITRE portfolio of systems security engineering (SSE) practices that contribute to achievement of mission assurance (MA) for systems during the acquisition process. The TARA assessment approach can be described as conjoined trade studies, where the first trade identifies and ranks attack vectors based on assessed risk, and the second identifies and selects countermeasures based on assessed utility and cost. Unique aspects of the methodology include use of catalog-stored mitigation mappings that preselect plausible countermeasures for a given range of attack vectors, and use of countermeasure selection strategies that prescribe the application of countermeasures based on level of risk tolerance. This paper outlines the SSE-MA portfolio and describes the TARA methodology.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Oct 01, 2014
Accession Number
AD1016629

Entities

People

  • Jackson Wynn

Organizations

  • MITRE Corporation

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Acquisition
  • Best Practices
  • Business Administration
  • Corporations
  • Cost Estimates
  • Costs
  • Cyber Threats
  • Cyberattacks
  • Engineering
  • Failure Mode And Effect Analysis
  • Intrusion Detection
  • Knowledge Management
  • Lessons Learned
  • Risk
  • Risk Analysis
  • Risk Management
  • Vulnerability

Readers

  • Neurotrauma and Rehabilitation Medicine.
  • Regression Analysis.
  • Systems Analysis and Design

Technology Areas

  • Cyber