Key Features
| Feature | Description |
|---|
| 5-Step TARA Workflow | ISO/SAE 21434 Clause 15 threat analysis in a structured Risksheet |
| EVITA Feasibility Scoring | 5-factor attack potential rating per ISO 21434 Annex G |
| Risk Verdict Matrix | Impact x Feasibility produces verdicts 1—5 with color-coded heat map |
| Dual-Track Traceability | Goal Track and Control Track from threat through to test case verification |
| Shared Catalogs | Reusable Threat Scenario and Stakeholder catalogs across all TARA modules |
| Cybersecurity Case Dashboard | ISO 21434 Clause 6.4.6 assurance argument with coverage evidence |
Documentation Structure
| Section | What You Will Find |
|---|
| Getting Started | Install the solution, create your first TARA module, walk through the 5-step workflow |
| Concepts | ISO 21434 coverage, data model, traceability chain, scoring algorithms, system element hierarchy |
| How-To Guides | Step-by-step procedures for TARA analysis, setup, dashboards, and approval workflows |
| Reference | Work item types, enumerations, Risksheet configuration, formulas, dashboards, RTM model |
| FAQ | Answers to common questions about TARA workflow, configuration, and ISO compliance |
Quick Start
- Install — Deploy the TARA solution into your Polarion project. See Install the TARA Solution.
- Model your system — Create system elements with the
systemElement type. See Create System Elements.
- Create a TARA — Open Risksheets, select TARATemplate, and link to a system element. See Create Your First TARA Module.
- Analyze threats — Walk through all 5 steps. See The 5-Step TARA Workflow.
- Review and approve — Use the document workflow to send for review. See Review and Approve a TARA Document.
The TARA solution uses Nextedy Risksheet as its primary analysis tool. All TARA records are edited exclusively inside the Risksheet interface — not in standard Polarion work item forms.
