The challenge: ISO 21434 at semiconductor speed
Automotive semiconductor suppliers entering the OEM supply chain face a uniquely hard version of ISO 21434:
- CSMS expectations apply immediately, even before a full vehicle program exists
- TARAs must be repeated across products, variants, and customers
- Evidence must be auditor‑grade, not exploratory
- The work rarely lives in one place — architectures, assumptions, threat models, and mitigations are fragmented across teams and tools
In practice, this leads to a familiar outcome: strong security engineering teams spending the majority of their time assembling documentation rather than improving the system.
This post walks through a realistic end‑to‑end ISO 21434 Level‑2 TARA workflow for an automotive semiconductor platform, showing how teams can:
- Fully satisfy CSMS and TARA auditor expectations
- Maintain a single source of truth for workflow and status
- Reduce hands‑on documentation effort by ~70% using AI
The solution pattern: structure + execution
The key insight is that ISO 21434 work has two very different jobs:
- Workflow governance – defining what must exist, when, by whom, and in what state
- Artifact execution – actually producing high‑quality TARAs, assumptions, threat scenarios, and mitigations
High‑performing teams separate these concerns.
In this use case:
- A process‑centric platform manages the ISO 21434 CSMS lifecycle, roles, gates, and audit readiness
- Saphira’s AI execution engine generates and iterates on the intermediate cybersecurity artifacts that normally consume weeks of expert time
Reference system: automotive SoC platform
For concreteness, we ground this walkthrough in a real automotive semiconductor scenario:
- Product: Automotive‑grade SoC used in ADAS and centralized compute
- Context: Deployed across multiple OEM programs
- Interfaces: Cameras, radar, vehicle networks, OTA update pipeline
- Security scope: Hardware root of trust, secure boot, firmware update, data paths
This example is derived from a real automotive TARA engagement; identifying details have been anonymized.
Step 1: ISO 21434 CSMS workflow (auditor view)
The cybersecurity program begins with a structured CSMS workflow aligned to ISO 21434, including:
- Governance and responsibility assignment
- Asset identification and security objectives
- TARA definition and execution
- Cybersecurity concept and requirements
- Verification, validation, and monitoring
From an auditor’s perspective, this workflow must clearly show:
- Who owns each activity
- Status transitions (Draft → Review → Baseline)
- Evidence traceability across lifecycle stages
This layer is intentionally tool‑agnostic with respect to content generation — its role is to ensure completeness and consistency.
Step 2: Defining TARA inputs (engineer view)
Rather than starting from blank threat tables, engineers provide high‑leverage inputs:
- High‑level architecture diagrams (block‑level is sufficient)
- Trust boundaries and interfaces
- Operational assumptions and constraints
- Safety and availability expectations
These inputs are exactly what engineers already have — but rarely exploit fully in traditional tools.
Step 3: AI‑assisted Level‑2 TARA generation
Using these inputs, Saphira generates a Level‑2 TARA aligned to ISO 21434, including:
- Assets and security properties
- Threat scenarios and attack paths
- Impact and feasibility reasoning
- Risk classification and prioritization
Crucially, this is not a one‑shot generation.
The system:
- Flags ambiguous assumptions
- Asks targeted clarification questions
- Allows rapid iteration with the engineering team
This mirrors how real TARAs are developed — but collapses weeks of work into days.
Step 4: Traceability to cybersecurity requirements
Every generated threat scenario is automatically linked to:
- Cybersecurity goals
- Cybersecurity requirements
- Allocations to HW, FW, and system controls
This traceability is preserved end‑to‑end, ensuring:
- No orphaned threats
- No unmotivated requirements
- Clean evidence for audits and customer reviews
Step 5: CSMS completeness and audit readiness
From a CS auditor’s perspective, the result is a complete and inspectable CSMS:
- All ISO 21434 activities accounted for
- Clear ownership and baselined artifacts
- Consistent rationale across documents
From the engineering team’s perspective:
- Documentation effort reduced by ~70%
- More time spent on actual design decisions
- Faster response to OEM‑specific variations
Beyond ISO 21434: a unified compliance motion
A key advantage of this approach is that the same workflow foundation supports adjacent standards:
- ASPICE 4.0 – aligned lifecycle and evidence
- ISO 26262 – shared architecture and traceability
- ISO 21448 (SOTIF) – reuse of operational assumptions
- ISO 8800 – early AI‑related risk identification
Instead of parallel compliance efforts, teams work in a single, unified interface with a common expert model.
Why this matters for automotive semiconductor teams
For semiconductor suppliers scaling into automotive programs, this model:
- De‑risks early OEM engagement
- Improves audit outcomes
- Dramatically lowers cost per TARA
- Enables reuse across customers without copy‑paste
Most importantly, it allows security experts to focus on security, not paperwork.
What’s next
This use case represents an emerging pattern we are actively extending:
- Deeper automation across cybersecurity concepts
- Closer alignment between safety and security analyses
- Faster adaptation to OEM‑specific interpretations
If you’re responsible for cybersecurity, safety, or compliance at an automotive semiconductor company and want to explore this approach, we’d love to compare notes.
All trademarks and product names are the property of their respective owners. This post describes a representative workflow and does not disclose customer‑confidential information.
Ready to get started?
Let’s connect
