TARAexl

Build your auditor-ready ISO/SAE 21434 + UN R155 TARA on your own machine.

A fast, fully-offline desktop workbench — with an on-device AI assistant — that takes you from item definition to a signed, auditor-ready Threat Analysis & Risk Assessment mapped to ISO/SAE 21434, UN R155 and the EU Cyber Resilience Act (CRA), without an enterprise cloud platform or a consulting engagement.

Your TARA never leaves your laptop. No cloud. No telemetry. No per-analysis fees.

TARAexl project home — recent projects, risk at a glance, and a new-project wizard

The problem

Every road-vehicle programme now needs a TARA. Today the options are bad.

ISO/SAE 21434 requires a Threat Analysis & Risk Assessment, and UN R155 demands one for type approval. Teams are left with three bad options:

Enterprise cloud platforms

Powerful, but priced for large OEMs — and they put your most sensitive design data in someone else's cloud.

General-purpose tools

Spreadsheets and threat-modeling apps that weren't built for 21434/R155 — so the method, the work products and the report are all manual.

Consultants

Expensive — and the knowledge walks out the door when the engagement ends.

Meanwhile Tier-2/3 suppliers, smaller OEMs, and teams on air-gapped networks need the same audit-ready evidence — on a realistic budget, without sending their IP to the cloud. That gap is exactly where TARAexl sits.

What TARAexl is

The full ISO/SAE 21434 TARA method — as a guided desktop workflow.

A single-user Windows desktop application that implements the full 21434 TARA method and produces the auditor-ready deliverables at the end. It ships as a portable Windows x64 zip — unzip and run, no installer, no account, no auto-update — and stores everything locally in a project file you own.

  • Runs 100% offline — it works on a machine that has never touched the internet.
  • Portable zip: unzip and run; everything stored locally in a project file you own.
  • Full interface in English, German, French and Japanese.
  • Speaks UN R155 (Annex 5 Part-A coverage) and ISO/DIS 24882 — road vehicles and off-highway/agricultural programmes alike.
TARAexl project overview — blurred preview

Preview blurred to protect proprietary detail — book a demo to see it live.

A command-center built for the work

The whole method, one window

  • A fixed sidebar rail groups the app into Workbench · Evidence · Deliver · Tools, with the 6-step workflow ladder numbered, gated, and ticked off as steps are approved.
  • The Project Overview is a KPI dashboard — completion ring, deep-linking risk tiles, and an interactive impact × attack-feasibility risk matrix where every cell opens the risk register.
  • An always-visible search opens the Ctrl+K command palette; a first-run onboarding tour orients new engineers; dark and light themes; comfortable / compact density.
  • Fast at scale — on a 1,000+-entity stress project (measured on our reference hardware; timings vary by machine): opening ~1.6 s, the TARA workbench ~1.5 s, a full export ~3 s.
  • Fully keyboard-operable (including the Relationship Map, Attack Trees and architecture graphs) — a WCAG 2.1 A/AA + EN 301 549 self-assessment is available on request.

Capabilities

The heavy lifting, automated

Guided 21434 workflow

Item definition · architecture & data-flow modelling · assets → damage → threat scenarios → attack paths → feasibility → risk → treatment → cybersecurity concept. Each step gates the next, with an approval / sign-off trail.

Method, done right

Attack feasibility by ISO/IEC 18045 attack potential (Annex G — the five factors) or the CVSS v3.1 exploitability sub-score. Systematic STRIDE elicitation. CAL derived per Annex E Table E.1, with the numeric risk value 1–5 alongside. 15 work-product coverage areas mapped to ISO/SAE 21434 Table A.1 and ISO/DIS 24882 Annex D, with 7 completeness checks running live.
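The attack-potential route described above, worked through in code. This is an added illustration written for this page, not TARAexl's own implementation: the five factor tables and the feasibility bands are assumed to follow ISO/SAE 21434 Annex G (Tables G.1/G.2), the impact × feasibility matrix is the assumed shape of the informative Annex H example, and the CVSS v3.1 exploitability constants are the published ones; check all of them against your copy of the standard and your organisation's approved matrix before relying on them.

```python
from typing import Dict

# Attack-potential factor tables. Values are assumed to follow ISO/SAE 21434
# Annex G (Table G.1, derived from ISO/IEC 18045); verify against your copy
# of the standard before relying on them.
ELAPSED_TIME: Dict[str, int] = {"<=1 day": 0, "<=1 week": 1, "<=1 month": 4,
                                "<=6 months": 17, ">6 months": 19}
EXPERTISE = {"layman": 0, "proficient": 3, "expert": 6, "multiple experts": 8}
KNOWLEDGE = {"public": 0, "restricted": 3, "confidential": 7, "strictly confidential": 11}
WINDOW = {"unlimited": 0, "easy": 1, "moderate": 4, "difficult": 10}
EQUIPMENT = {"standard": 0, "specialized": 4, "bespoke": 7, "multiple bespoke": 9}

# Assumed shape of the informative Annex H example matrix:
# impact rating x attack feasibility rating -> risk value 1..5.
RISK_MATRIX = {
    "negligible": {"very low": 1, "low": 1, "medium": 1, "high": 1},
    "moderate":   {"very low": 1, "low": 2, "medium": 2, "high": 3},
    "major":      {"very low": 1, "low": 2, "medium": 3, "high": 4},
    "severe":     {"very low": 2, "low": 3, "medium": 4, "high": 5},
}


def attack_potential(elapsed_time: str, expertise: str, knowledge: str,
                     window: str, equipment: str) -> int:
    """Sum the five factor values; a KeyError flags a value outside the tables."""
    return (ELAPSED_TIME[elapsed_time] + EXPERTISE[expertise] + KNOWLEDGE[knowledge]
            + WINDOW[window] + EQUIPMENT[equipment])


def feasibility_rating(potential: int) -> str:
    """Map attack potential to an attack feasibility rating (assumed Table G.2
    bands). More effort required from the attacker means lower feasibility."""
    if potential <= 13:
        return "high"
    if potential <= 19:
        return "medium"
    if potential <= 24:
        return "low"
    return "very low"


def risk_value(impact: str, feasibility: str) -> int:
    """Look up the numeric risk value (1..5) from the impact x feasibility matrix."""
    return RISK_MATRIX[impact.lower()][feasibility.lower()]


# CVSS v3.1 exploitability sub-score, the page's alternative feasibility input.
# Metric weights are the published v3.1 constants.
_AV = {"N": 0.85, "A": 0.62, "L": 0.55, "P": 0.20}
_AC = {"L": 0.77, "H": 0.44}
_PR_UNCHANGED = {"N": 0.85, "L": 0.62, "H": 0.27}
_PR_CHANGED = {"N": 0.85, "L": 0.68, "H": 0.50}
_UI = {"N": 0.85, "R": 0.62}


def cvss_exploitability(av: str, ac: str, pr: str, ui: str,
                        scope_changed: bool = False) -> float:
    """8.22 x AV x AC x PR x UI, rounded to three decimals."""
    pr_table = _PR_CHANGED if scope_changed else _PR_UNCHANGED
    return round(8.22 * _AV[av] * _AC[ac] * pr_table[pr] * _UI[ui], 3)


def assess(scenario: Dict[str, str]) -> Dict[str, object]:
    """Run one attack path through potential -> feasibility -> risk value."""
    potential = attack_potential(scenario["elapsed_time"], scenario["expertise"],
                                 scenario["knowledge"], scenario["window"],
                                 scenario["equipment"])
    feasibility = feasibility_rating(potential)
    return {"potential": potential, "feasibility": feasibility,
            "risk": risk_value(scenario["impact"], feasibility)}


if __name__ == "__main__":
    # Constructed sample attack path: one week of effort by an expert with
    # restricted design knowledge and specialised tooling; severe impact.
    sample = {"elapsed_time": "<=1 week", "expertise": "expert", "knowledge": "restricted",
              "window": "moderate", "equipment": "specialized", "impact": "severe"}
    print(assess(sample))                      # potential 18 -> medium -> risk 4
    print(cvss_exploitability("N", "L", "N", "N"))
```

The point of separating the three steps is auditability: an assessor can recompute the potential from the five recorded factor choices, confirm the band, and confirm the matrix lookup, which is exactly the traceability a gated workflow is meant to preserve.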

Evidence & traceability

End-to-end traceability graph (asset → … → claim), coverage / gap analysis, baselines and an append-only audit trail. One-click DOCX + XLSX with your branding — a 21-sheet TARA workbook (incl. the UN R155 Annex 5 coverage sheet) and the Cybersecurity Concept. Document control on every cover; "Release as a version" stamps the control block and snapshots a baseline.

Evidence Binder & interop

A one-click Evidence Binder zip — the XLSX report, the DOCX concept, the project file and a manifest.json with a SHA-256 per artifact, byte-identical to the standalone exports. ReqIF (OMG) import/export for OEM↔supplier requirement exchange, designed for loss-free round-trips of TARAexl-managed fields.

Offline AI assistant

A bundled on-device model (IBM Granite 3.3 2B, Apache-2.0) drafts damage scenarios, threats, controls and rationale — every suggestion enters as an editable draft to approve. A runtime backend selector (Auto / CUDA / Vulkan / CPU) with one-click "switch to CPU & retry". No cloud, no data egress.

Trust by architecture

100% offline · zero telemetry · Ed25519-signed per-seat licensing · content encrypted at rest · a cryptographically signed per-customer watermark on exports · evidence binders verifiable per-artifact by SHA-256 · a copyleft-free open-source BOM (MIT / Apache-2.0 / BSD only).
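The per-artifact SHA-256 verification that the Evidence Binder section and the "Trust by architecture" line above both rely on, as an added example that is not TARAexl's code. The manifest layout is an assumption (the page only says the binder carries a manifest.json with one SHA-256 per artifact), as are the file names; the sample artifacts are constructed bytes standing in for the real XLSX, DOCX and project file. The verifier also checks the page's "byte-identical to the standalone exports" claim when given those exports.

```python
import hashlib
import io
import json
import zipfile
from typing import Dict, List, Optional

# Assumed manifest layout (not documented on the page):
# {"artifacts": [{"path": "<member name>", "sha256": "<hex digest>"}, ...]}
MANIFEST_NAME = "manifest.json"


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_binder(artifacts: Dict[str, bytes]) -> bytes:
    """Pack artifacts into a zip plus a manifest with one SHA-256 per member.
    Constructed stand-in for a binder export; the real layout may differ."""
    manifest = {"artifacts": [{"path": p, "sha256": sha256_hex(b)}
                              for p, b in sorted(artifacts.items())]}
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for path, blob in artifacts.items():
            zf.writestr(path, blob)
        zf.writestr(MANIFEST_NAME, json.dumps(manifest, indent=2))
    return buf.getvalue()


def verify_binder(binder: bytes,
                  standalone: Optional[Dict[str, bytes]] = None) -> Dict[str, object]:
    """Recompute every listed digest from the bytes actually inside the zip.
    Reports mismatched, missing and unlisted members, and (optionally) members
    that differ from the standalone exports they should be byte-identical to."""
    report: Dict[str, object] = {"verified": [], "mismatched": [], "missing": [],
                                 "unlisted": [], "not_identical": []}
    with zipfile.ZipFile(io.BytesIO(binder)) as zf:
        manifest = json.loads(zf.read(MANIFEST_NAME))
        members = set(zf.namelist()) - {MANIFEST_NAME}
        listed = set()
        for entry in manifest["artifacts"]:
            path, expected = entry["path"], entry["sha256"].lower()
            listed.add(path)
            if path not in members:
                report["missing"].append(path)
                continue
            blob = zf.read(path)
            (report["verified"] if sha256_hex(blob) == expected
             else report["mismatched"]).append(path)
            if standalone is not None and path in standalone and standalone[path] != blob:
                report["not_identical"].append(path)
        # Anything in the zip the manifest does not vouch for is a finding too.
        report["unlisted"] = sorted(members - listed)
    report["ok"] = not (report["mismatched"] or report["missing"]
                        or report["unlisted"] or report["not_identical"])
    return report


def tamper(binder: bytes, path: str, new_bytes: bytes) -> bytes:
    """Rewrite (or add) one member without touching the manifest, to show
    what a modified binder looks like to the verifier."""
    src = zipfile.ZipFile(io.BytesIO(binder))
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as zf:
        names = src.namelist()
        for name in names:
            zf.writestr(name, new_bytes if name == path else src.read(name))
        if path not in names:
            zf.writestr(path, new_bytes)
    return out.getvalue()


# Constructed sample artifacts standing in for the real exports.
SAMPLE: Dict[str, bytes] = {
    "tara_workbook.xlsx": b"xlsx bytes (constructed)",
    "cybersecurity_concept.docx": b"docx bytes (constructed)",
    "project.taraexl": b"project file bytes (constructed)",
}

if __name__ == "__main__":
    binder = build_binder(SAMPLE)
    print(verify_binder(binder, SAMPLE))
    print(verify_binder(tamper(binder, "cybersecurity_concept.docx", b"edited later"), SAMPLE))
```

Run the check on the binder you hand to an assessor and again on the copy they received; the manifest only proves integrity from the moment it was written, so the "not_identical" comparison against the standalone exports is the part that ties the binder back to what the tool actually produced.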

Standards & threat intelligence

Built in — not bolted on

Curated catalogues with real public identifiers, so treatment decisions stand on citable ground.

UN R155 Annex 5, complete

All 30 Part A threats (groups 4.3.1–4.3.7) with per-threat tagging and a live coverage / gap view — supporting the §7.3.3 evidence type-approval auditors ask for — plus all 23 Part B/C mitigations, each mapped to a control (a mapping verified by an automated test in our release suite).

30-control security catalog

v1.2 across 15 categories, every control citing public references — NIST SP 800-53 Rev 5, AUTOSAR SecOC, ISO 14229 UDS, TLS 1.3 (RFC 8446), Uptane, EVITA HSM, UN R156, OWASP, NCSC, IEEE 802.15.4z UWB.

Curated threat packs

46 MITRE EMB3D threats (genuine TIDs), 34 Automotive Threat Matrix techniques across Auto-ISAC's 14 tactics, 28 automotive CAPEC patterns and a 13-template generic library — all STRIDE-categorised and cross-linked.

SBOM & offline CVE matching

Import SBOMs in CycloneDX and SPDX (JSON, auto-detected) with fully offline CVE matching — compile an OSV/NVD snapshot on any online machine and side-load it, so air-gapped fleets stay current without the tool touching a network.

EU CRA readiness

On machinery projects the Coverage view maps the documented risk assessment to the Cyber Resilience Act Art. 13(2)–(3) for the Annex VII technical documentation. (CRA applies from 11 Dec 2027; type-approved road vehicles remain under UN R155.)

ISO/DIS 24882 as a real profile

Annex D work-product codes, the standard's Likelihood and Availability terminology, and Table 11 risk values — switched automatically by project domain, not just a label.

Inside the workbench

See the method at work

Screens from the workbench — previews are intentionally blurred to protect proprietary detail. Book a demo to see them in full.

  • TARA Analysis dashboard — risk matrix and risk distribution
  • UN R155 Annex 5 coverage and gap analysis
  • Standards coverage — work products, CRA mapping and gaps
  • Attack trees and attack paths
  • Threat scenarios with STRIDE elicitation
  • End-to-end traceability relationship map
  • One-click DOCX and XLSX report export
  • Licensing, the on-device AI model and the compute-backend selector

Who it's for

Built for the whole supply chain

  • Tier-1 / Tier-2 / Tier-3 automotive suppliers producing TARAs for OEM programmes.
  • Smaller & emerging OEMs that need 21434/R155 evidence without an enterprise platform spend.
  • Cybersecurity engineers & managers who want the method enforced and the report generated — not hand-built.
  • Teams on air-gapped / restricted networks (defence-adjacent, IP-sensitive) that cannot use cloud tools.
  • Off-highway & agricultural machinery makers working to ISO/DIS 24882.

Why TARAexl

How it compares

Compared across: Cloud lifecycle platforms · Spreadsheets / generic tools · Consultants · TARAexl

  • ISO 21434 method built-in (n/a for one column)
  • UN R155 coverage (depends for one column)
  • Runs fully offline / air-gap (n/a for one column)
  • Your data stays on your machine
  • Auditor-ready report out-of-the-box
  • Affordable per-seat
  • Knowledge stays in-house (partial for one column)

The offline, affordable TARA workbench that helps automotive teams get ISO 21434 + R155 audit-ready on their own machines — the method, the evidence and the report, without the cloud or the consultant.

Trust & security

Private by default — buyers will ask

100% offline

No account, no server, no online activation, no auto-update. The renderer is locked down (connect-src 'none') and the on-device AI model ships inside the portable package — the app never needs a network connection at all.

Zero telemetry

We collect nothing. Your TARA is yours.

Your work survives a crash

Atomic saves with backup recovery, and project-file locks that self-heal — designed so a killed instance never blocks reopening your project.

Your IP stays yours

Proprietary catalogs and methodology data are encrypted at rest in the install; official exports carry a cryptographically signed per-customer watermark.

Licensing that respects you

Per-seat, node-locked, Ed25519-signed (the signing key never ships). When a licence lapses the app drops to read-only — designed so you can still open and export your existing work, not be locked out of your own data.

Honest about limits

The licence is a strong deterrent plus tamper-evident per-customer traceability — not an "uncrackable" DRM claim. We'd rather tell you the truth than oversell.

Where this goes

Local, affordable, method-complete — private by default

Horizon 1 · now → next

Becoming the definitive offline TARA workbench

Richer threat catalogs (MITRE EMB3D alongside CAPEC), attack-tree / attack-path assists, ReqIF import/export for OEM↔supplier exchange, an even stronger evidence binder, and an AI assistant that genuinely saves hours per analysis.

Horizon 2

Munimentx — the product-security suite

An offline companion for the organisational layer — ISO/SAE 21434 §5 + UN R155 Annex-5 CSMS: governance, evidence register, audit-readiness dashboard and a one-click R155 evidence binder. TARAexl proves the product; Munimentx proves the organisation.

Horizon 3

The lifecycle, end to end, on your terms

Continuous activities recorded locally (monitoring, vulnerability triage, incidents, R156 updates), multi-framework coverage (ASPICE-for-Cybersecurity, ISO 27001) — while never compromising the promise: your data never leaves your machine.

Horizons 2–3 describe our roadmap and may evolve. What we'll deliberately never build: cloud monitoring / vSOC / telemetry ingestion, or anything that requires your design data to leave your control.

Build your auditor-ready TARA on your own machine.

Request a trial or book a 20-minute walkthrough — and see a full ISO 21434 + R155 TARA produced offline, end to end.

TARAexl supports your ISO/SAE 21434, UN R155 and EU CRA work. Audit and type-approval outcomes remain the responsibility of your assessors and approval authorities.