The 8 Work Item Types
Type Summary
| Type ID | Label | Purpose | Custom Fields |
|---|---|---|---|
| taraRecord | TARA Record | Central risk assessment record — one per threat path | 15 fields (CIAx, damage, feasibility factors, impact, verdict, treatment) |
| cybersecurityGoal | Cybersecurity Goal | High-level protection objective per ISO 21434 Clause 15 | cal, goalCiaxProperty, goalAsset, goalRationale |
| systemElement | System Element | Component in the vehicle architecture hierarchy | elementType (system/subsystem/assembly/subassembly/component) |
| threatScenario | Threat Scenario | Named threat grouping attack paths (catalog item) | Standard fields only |
| stakeholder | Stakeholder | Entity affected by cybersecurity threats (catalog item) | Standard fields only |
| riskControl | Risk Control | Countermeasure that mitigates a TARA record | riskControlType (Inherent Safety Design, Protective Measure, Information for Safety) |
| sysReq | Requirement | Cybersecurity or system requirement | classification (cybersecurity, SC, CC) |
| testCase | Test Case | Verification test case for a requirement | Standard fields only |
TARA Record: The Central Hub
The taraRecord type is the most field-rich type in the solution. Each record represents a unique combination of stakeholder, security property, damage scenario, threat scenario, and attack path.
Custom Fields (15)
| Field ID | Name | Type | Edited In |
|---|---|---|---|
| ciaxProperty | CIAx Property | enum:taraRecord-ciaxProperty | Risksheet |
| damageScenario | Damage Scenario | text/plain | Risksheet |
| threatPath | Threat Path | text/plain | Risksheet |
| attackTime | Elapsed Time | enum:taraRecord-attackTime | Risksheet |
| attackExpertise | Specialist Expertise | enum:taraRecord-attackExpertise | Risksheet |
| attackKnowledge | Knowledge of Item | enum:taraRecord-attackKnowledge | Risksheet |
| attackWoo | Window of Opportunity | enum:taraRecord-attackWoo | Risksheet |
| attackEquipment | Equipment | enum:taraRecord-attackEquipment | Risksheet |
| taraImpact | Impact | enum:taraRecord-taraImpact | Risksheet |
| taraFeasibility | Attack Feasibility | enum:taraRecord-taraFeasibility | Computed (formula) |
| taraVerdict | Risk Verdict | integer | Computed (formula) |
| treatmentChoice | Treatment Choice | enum:taraRecord-treatmentChoice | Risksheet |
| treatmentStatus | Treatment Status | enum:taraRecord-treatmentStatus | Risksheet |
| taraClaims | Claims | text/plain | Risksheet |
| taraControls | Controls | text/plain | (reserved) |
All TARA record custom fields are marked read-only in the Polarion form layout. Editing is exclusively performed through the Risksheet interface. This ensures the structured 5-step workflow is followed.
Link Roles
TARA-Specific Roles (5)
| Role ID | Forward Name | Reverse Name | Direction |
|---|---|---|---|
| hasStakeholder | has Stakeholder | is Stakeholder in | taraRecord —> stakeholder |
| hasThreatScenario | has Threat Scenario | is Threat Scenario in | taraRecord —> threatScenario |
| hasCybersecurityGoal | has Cybersecurity Goal | is Cybersecurity Goal in | taraRecord —> cybersecurityGoal |
| mitigates | Mitigates | is Mitigated by | riskControl —> taraRecord |
| derivesRequirement | derives from Goal | derives Requirement | sysReq —> cybersecurityGoal |
Standard Roles Used in TARA Traceability
| Role ID | Direction | Purpose in TARA |
|---|---|---|
| implements | sysReq —> riskControl | Requirement implements a risk control |
| verifies | testCase —> sysReq | Test case verifies a requirement |
| parent | sameType hierarchical | System element hierarchy |
| allocatedTo | sysReq —> systemElement | Requirement allocated to component |
Cybersecurity Goal
The cybersecurityGoal type represents the high-level protection objective derived from risk assessment. Key fields:
cal (Cybersecurity Assurance Level): CAL 1 through CAL 4. Higher CAL means stricter verification requirements. The calDecorator in the Risksheet validates that the CAL meets the minimum for the verdict level (Verdict 5 requires CAL 4, Verdict 4 requires CAL 3).
goalCiaxProperty: The CIAx security property this goal protects (uses the same enum as taraRecord.ciaxProperty).
goalRationale: Rich-text rationale explaining the goal.
System Element
The systemElement type models the vehicle architecture hierarchy. The elementType custom field uses the systemElementType enum:
| Level | Type ID |
|---|---|
| Top | system |
| L1 | subsystem |
| L2 | assembly |
| L3 | subassembly |
| L4 | component |
System elements are organized using the parent link role. Each TARA module is linked to a system element through the systemElementId document custom field. The System Element Navigator on dashboards traverses this hierarchy to display which elements have TARAs.
Risk Control
The riskControl type represents countermeasures. Its riskControlType field classifies controls into:
| Type | Description |
|---|---|
| Inherent Safety Design | Designed-in protection that eliminates or reduces the threat |
| Protective Measure | Active countermeasure (e.g., firewall, encryption, IDS) |
| Information for Safety | Labeling, warnings, or operational procedures |
Risk controls link to TARA records via the mitigates role and to requirements via the implements role.
RTM Domain Model
The RTM YAML (.polarion/nextedy/models/rtm.yaml) defines a minimal model with 5 entity types and no relationships:
Document, Chapter, SystemElement, Requirement, TestCase
The TARA-specific types (taraRecord, threatScenario, stakeholder, riskControl, cybersecurityGoal) are implemented entirely through native Polarion configuration. All traceability is enforced via link role type constraints in the workitem-link-role-enum.xml, not through the RTM model.
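An offline audit of the constraints described above, as an added example that is not part of the Polarion configuration or the solution's own code: it checks exported links against the role/type pairs from the two link-role tables, then reports TARA records with an incomplete control, requirement, test case chain or a linked goal whose CAL is below the minimum stated for the calDecorator. The item IDs, the dictionary/tuple export format, the integer `cal` value, and the expectation that every record has a mitigating control are assumptions of the example.

```python
ROLE_TYPES = {  # role -> (source type, target type), from the two link-role tables
    "hasStakeholder": ("taraRecord", "stakeholder"),
    "hasThreatScenario": ("taraRecord", "threatScenario"),
    "hasCybersecurityGoal": ("taraRecord", "cybersecurityGoal"),
    "mitigates": ("riskControl", "taraRecord"),
    "derivesRequirement": ("sysReq", "cybersecurityGoal"),
    "implements": ("sysReq", "riskControl"),
    "verifies": ("testCase", "sysReq"),
    "allocatedTo": ("sysReq", "systemElement"),
}
MIN_CAL = {5: 4, 4: 3}  # verdict -> minimum CAL; the page states only these two

def invalid_links(items, links):
    """Links with an unknown role or endpoint types that break the constraint."""
    def ok(src, role, dst):
        pair = (items[src]["type"], items[dst]["type"])
        return pair[0] == pair[1] if role == "parent" else ROLE_TYPES.get(role) == pair
    return [link for link in links if not ok(*link)]

def tara_gaps(items, links):
    """Map each taraRecord ID to missing trace steps and CAL shortfalls."""
    bad = invalid_links(items, links)
    links = [link for link in links if link not in bad]  # ignore rejected links
    def into(role, dst):  # sources of links with this role that point at dst
        return [s for s, r, d in links if r == role and d == dst]
    taras = {w: i for w, i in items.items() if i["type"] == "taraRecord"}
    gaps = {}
    for wid, item in taras.items():
        controls = into("mitigates", wid)
        found = [] if controls else ["no riskControl"]
        for ctrl in controls:
            reqs = into("implements", ctrl)
            found += [] if reqs else [f"{ctrl}: no sysReq"]
            found += [f"{r}: no testCase" for r in reqs if not into("verifies", r)]
        need = MIN_CAL.get(item.get("taraVerdict"), 0)
        goals = [d for s, r, d in links if r == "hasCybersecurityGoal" and s == wid]
        found += [f"{g}: CAL {items[g]['cal']} < {need}" for g in goals if items[g]["cal"] < need]
        if found:
            gaps[wid] = found
    return gaps

ITEMS = {  # constructed sample data; cal kept as an integer (assumption)
    "TR-1": {"type": "taraRecord", "taraVerdict": 5}, "TR-2": {"type": "taraRecord", "taraVerdict": 4},
    "CG-1": {"type": "cybersecurityGoal", "cal": 3}, "RC-1": {"type": "riskControl"},
    "REQ-1": {"type": "sysReq"}, "TC-1": {"type": "testCase"},
}
LINKS = [("TR-1", "hasCybersecurityGoal", "CG-1"), ("TR-2", "hasCybersecurityGoal", "CG-1"),
         ("RC-1", "mitigates", "TR-1"), ("REQ-1", "implements", "RC-1"),
         ("TC-1", "verifies", "REQ-1"), ("TC-1", "mitigates", "TR-2")]
```

In the sample, the `mitigates` link from a test case is rejected by the type constraint, so TR-2 is reported as having no risk control, and TR-1 (Verdict 5) is flagged because its goal carries CAL 3.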