4/17 (Thu.) 15:30 - 16:00 7F 703

IEC 62443-4-1: Challenges and Practical Insights from Threat Modeling to Product Security Certification

Threat modeling is a must-have part of the Secure Development Lifecycle (SDLC) in Industrial Automation and Control Systems (IACS) and product planning. Conducting threat modeling during the early stages of product design and development, as well as ensuring compliance with security requirements, often presents numerous challenges for engineering and development teams. This talk combines process implementation with practical experience, offering insights into following the IEC 62443-4-1 framework to establish a comprehensive process from the perspective of requirement verification and testing.

We will systematically explore the methodologies of Threat Modeling and Risk Assessment (TMRA), explaining how to identify critical threats, evaluate potential risks, and design effective mitigation measures during product development. Through anonymized real-world cases, we will demonstrate how to translate TMRA results into specific testing requirements and align them with the testing requirements of the Security Verification & Validation phase.

The session will cover:

  • Threat identification and case studies
  • Demonstrations of testing methods for specific threats

Additionally, we will share common challenges and solutions encountered during product certification and discuss how to establish a sustainable security maintenance mechanism.

This session is designed for product development team members, system security engineers, software security architects, and professionals responsible for certification evaluation, DevSecOps, or SDLC. Through practical recommendations, process guidance, and valuable hands-on experience, we aim to help participants build secure development processes for IACS and deepen their understanding of product security.

Chris Su
SPEAKER
Delta Electronics, Inc.
RD Sr. Supervisor

TOPIC / TRACK
Product Security Forum

LOCATION
Taipei Nangang Exhibition Center, Hall 2
7F 703

LEVEL
General: General sessions explore new cybersecurity knowledge and non-technical topics, ideal for those with limited or no prior cybersecurity knowledge.

SESSION TYPE
Breakout Session

LANGUAGE
Chinese

SUBTOPIC
Compliance Testing
OT Security
Risk Assessment