Towards a common Security Analysis Exchange Format

  • Norms like the ISO 21434 and the WP.29 from UNECE make it increasingly important to integrate tools for security risk analysis

  • The security tools not only need to exchange data with existing tool chains (think system elements, or security requirements), but also integrate with each other.

  • All parties would benefit from an open format which allows to exchange security risk analysis data across departments and corporations

  • We are inviting to develop openXSAM, an open Xml Security Analysis Model

  • More content is coming up…

openxsam.io

Yikes, we already have a domain for it: openxsam.io. You can find more details there. We provide an overview PDF document and have a news section.

openxsam.io

Analyzing the whole Vehicle?

One challenge is that security analyses of the whole supply chain need to be added into a wholesome consideration for the whole vehicle.

Read the Full interview

Interested?

You’re welcome to join us work on this format! Since we don’t have a lot of infrastructure yet, you may contact us over there:

security-analyst@itemis.de