OPENASC

OPENASC

Open-source automotive security catalogs assissting in Threat Analysis & Risk Assessment processes

What is OpenASC?

OpenASC is an open-source repository of structured threat and control catalogs. It provides a foundational resource for systematically identifying and mitigating security threats in the automotive domain utilizing classification models like STRIDE and MITRE ATT&CK®. OpenASC is designed to support processes outlined in Clause 15 of ISO/SAE 21434 and the United Nations regulation no.155 for cybersecurity management in road vehicles.

Who Is This For?

OpenASC is built for security architects, automotive engineers, and tool developers working on threat modeling and risk assessments, or vulnerability analysis. It's especially useful for teams implementing TARA process outlined in Clause 15 of ISO/SAE 21434 and taking into account United Nations Regulation no.155.

Explore Catalogs

Threat Catalogs

Navigate a curated library of threat scenarios to support comprehensive threat identification and modelling using classification models like STRIDE and MITRE ATT&CK®.

View Threats
Control Catalogs

Discover technical and procedural controls mapped to specific threats and system layers. Ideal for use in mitigation planning and gap analysis.

View Controls
Quick References

Access summarized information for automotive cybersecurity compliance and risk assessment.

Quick References

How to Contribute

OpenASC relies on community input and support. Whether you're a security expert, researcher, or developer, your contributions to help improve and expand the catalogs are valuable.

Read the Contribution Guide and submit a change request on GitHub
Or
Contact the maintainers directly and share your ideas and feedback to mail.openasc.org

OpenASC is an open-source repository of structured threat and control catalogs. It provides a foundational resource for systematically identifying and mitigating security threats in the automotive domain utilizing classification models like STRIDE and MITRE ATT&CK®. OpenASC is designed to support processes outlined in Clause 15 of ISO/SAE 21434 and the United Nations regulation no.155 for cybersecurity management in road vehicles.

OpenASC is built for security architects, automotive engineers, and tool developers working on threat modeling and risk assessments, or vulnerability analysis. It's especially useful for teams implementing TARA process outlined in Clause 15 of ISO/SAE 21434 and taking into account United Nations Regulation no.155.

  • Threat Catalogs: Navigate a curated library of threat scenarios to support comprehensive threat identification and modelling using classification models like STRIDE and MITRE ATT&CK®.
    View Threats
  • Control Catalogs: Discover technical and procedural controls mapped to specific threats and system layers. Ideal for use in mitigation planning and gap analysis.
    View Controls
  • Quick References: Access summarized information for automotive cybersecurity compliance and risk assessment
    Quick References

OpenASC relies on community input and support. Whether you're a security expert, researcher, or developer, your contributions to help improve and expand the catalogs are valuable.

Read the Contribution Guide and submit a change request on GitHub
Or
Contact the maintainers directly and share your ideas and feedback to mail.openasc.org
An unhandled error has occurred. Reload 🗙