AutoTARA

AutoTARA

AutoTARA (Automated Threat Analysis and Risk Assessment) is a web-based framework that supports the ISO/SAE 21434 TARA process for the automotive industry. By integrating the MITRE TARA (CTSA/CRRA) methodology, Meta Attack Language (MAL), and LLMs, AutoTARA provides scalable and quantitative prioritization of security countermeasures.

🔍 Preview

🧩 Visual Threat Modeling

🛡️ CTSA (Cyber Threat Susceptibility Analysis)

📊 CRRA (Cyber Risk Remediation Assessment)

⚔️ Attack Simulation

🚀 Key Features

• Visual Threat Modeling: Build and edit complex system diagrams using an intuitive graph editor powered by AntV X6.
• Detailed Property Management: Configure specific properties for each component and connection within the system.
• Threat Management: Systematically identify, categorize, and manage cybersecurity threats associated with system elements.
• Attack Simulation: Simulate potential attack paths to discover vulnerabilities and validate security assumptions.
• Risk Assessment Modules: Built-in support for standardized assessment methodologies, including CTSA (Cyber Threat Susceptibility Analysis) and CRRA (Cyber Risk Remediation Assessment).
• TARA Results Dashboard: Provides dashboards for generated attack paths, including damage/threat scenarios and attack paths.

🛠️ Technology Stack

This project is built on a modern full-stack architecture.

Frontend

• Core Framework: Vue 3
• Build Tool: Vite
• State Management: Pinia
• Diagram Engine: AntV X6
• UI Framework: Bootstrap 5 and FontAwesome

Backend

• Runtime: Node.js
• Framework: Express.js (v5)
• Architecture: Layered architecture (Controllers, Services, Repositories)

Database

• Database: PostgreSQL 17
• Containerization: Docker and Docker Compose
• Driver: node-postgres (pg)

📦 Project Setup

Prerequisites

• Node.js (v20.19.0 or later recommended)
• npm
• Docker Desktop or Docker Engine + Docker Compose

Installation and Running

This project consists of four services:

• db: PostgreSQL 17
• mal-simulator: FastAPI-based MAL simulation server
• tara-server: Node.js/Express backend
• tara-vue: Vue 3 + Vite frontend

The recommended way to run the full stack is to use the root docker-compose.yml.

1. Start All Services with Docker Compose

docker compose up -d --build

This starts:

• Frontend: http://localhost:8080
• Backend API: http://localhost:3000/api
• MAL Simulator API: http://localhost:8000
• PostgreSQL: localhost:5432

2. Stop Services

docker compose down

3. Override Ports

If a host port is already in use, you can override it at startup.

Example: run PostgreSQL on 5433 instead of 5432.

DB_HOST_PORT=5433 docker compose up -d --build

Available overrides:

• DB_HOST_PORT (default: 5432)
• MALSIM_HOST_PORT (default: 8000)
• TARA_SERVER_HOST_PORT (default: 3000)
• TARA_VUE_HOST_PORT (default: 8080)

4. Backend Environment Variables

The backend service loads environment variables from tara.server/.env, including Gemini-related settings.

Database and simulator connection values are overridden by Docker Compose so that containers can communicate over the internal Docker network.

5. Optional Local Development

If needed, you can still run each service individually without Docker.

Database only:

cd db
docker compose up -d

Backend:

cd tara.server
npm install
npm run dev

Frontend:

cd tara.vue
npm install
npm run dev

MAL simulator:

cd mal-simulator.server
pip install -r requirements.txt
python api_server.py

🐳 Docker Information

The full stack is managed through the root docker-compose.yml.

• Database User: user
• Database Name: tara_db
• Database Volume: pgdata
• Database Init Scripts: db/init
• MITRE Data Files: db/data

👏 Acknowledgements

This project incorporates code and concepts from OWASP Threat Dragon. We thank the OWASP community for its significant contributions to open-source threat modeling tools. Threat Dragon is licensed under the Apache License 2.0.