
Automotive OEMs and their suppliers that want to comply with ISO 21434 will need rich tool assistance. In particular, the workflow to analyze threats and assess the resulting risks will no longer be manageable in Excel spreadsheets. Excel users will soon lose track of how everything is connected. Currently, there are very few tools with a corresponding focus.

Microsoft’s Threat Modeling Tool (TMT) is one of those, but it only covers the TA (threat analysis) part and not the RA (risk assessment) part, including impact assessment.

The re-analysis of the resulting risk after implementing controls will also be a challenge.

Let’s go through some other places where tool assistance is desirable. There is one relation between system entities that is particularly cumbersome to capture: the mapping of functions to components, data and data flows. However, it is important to know which functions are affected if a certain component is vulnerable. Fortunately, it is possible to use existing modeled relations between the remaining elements to ease function assignment. For example, if some data is stored in a component, it is likely that any function mapped to this data should also be mapped to that component. YAKINDU Security Analyst offers a reduced data-centric view on the function mapping with corresponding consistency checks.

With an increasing number of system elements it becomes difficult to ensure that all assets have been considered. An overview of possible assets and the security attributes (e.g. confidentiality, availability, integrity) per element is very helpful. Because the system is subject to change, it is important that snapshots of this overview can be compared.

An overview similar to the one for asset identification is possible for threats. This only requires that the threat catalog is classified in some way, e.g. Technology tags are a very simple but powerful addition to enrich catalogs. Based on this information a tool is able to provide much more precise suggestions about possible threats and controls for a given system.

When following our recommended workflow, attack effort and impact are assessed at separate elements. If this separation is not upheld, there is a danger of inconsistent assessments. But this implies a large number of relations between security goals, threats and controls. Fortunately, this can be largely automated based on the system model.

As an example, let’s assume that we have identified the asset “password” which is transferred between two components. Furthermore, we have identified a threat “eavesdropping” on the communication channel between these components.
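The function-mapping consistency check and the derivation of threat relations from the system model (the “password” / “eavesdropping” case) can be sketched as follows. This is an added example, not code from YAKINDU Security Analyst or from the article; the component and function names, the model layout and the classification of threats by violated security attribute are assumptions made for illustration.

```python
# Constructed toy system model; every name below is hypothetical.
STORED_IN = {"password": {"login_service"}, "session_token": {"gateway"}}
FLOWS = [("hmi", "login_service", "password"),          # (source, destination, data)
         ("login_service", "gateway", "session_token")]
FUNCTION_MAP = {
    "authenticate_user": {"data": {"password"}, "components": {"login_service"}},
    "remote_unlock": {"data": {"session_token", "password"}, "components": {"gateway"}},
}
# Assets with the security attributes that matter for them.
ASSETS = {"password": {"confidentiality"},
          "session_token": {"confidentiality", "integrity"}}
# Assumed catalog classification: threat -> (element kind, violated attribute).
THREAT_CATALOG = {"eavesdropping": ("flow", "confidentiality"),
                  "tampering": ("flow", "integrity")}

def missing_component_mappings(function_map, stored_in):
    """A function mapped to data should also be mapped to each component storing it."""
    findings = []
    for func, mapping in sorted(function_map.items()):
        for data in sorted(mapping["data"]):
            for comp in sorted(stored_in.get(data, ())):
                if comp not in mapping["components"]:
                    findings.append((func, data, comp))
    return findings

def derive_threat_relations(flows, assets, catalog):
    """Link each flow threat to the security goal of the asset carried on that flow."""
    relations = []
    for src, dst, data in flows:
        for threat, (kind, attr) in sorted(catalog.items()):
            if kind == "flow" and attr in assets.get(data, ()):
                relations.append((threat, f"{src}->{dst}", data, attr))
    return relations

def affected_functions(component, function_map):
    """Functions to re-assess if the given component turns out to be vulnerable."""
    return sorted(f for f, m in function_map.items() if component in m["components"])

if __name__ == "__main__":
    for finding in missing_component_mappings(FUNCTION_MAP, STORED_IN):
        print("inconsistent mapping:", finding)
    for relation in derive_threat_relations(FLOWS, ASSETS, THREAT_CATALOG):
        print("derived relation:", relation)
    print("affected by login_service:", affected_functions("login_service", FUNCTION_MAP))
```

The reported gap for `remote_unlock` shows why the check matters: until that mapping is added, a vulnerability in `login_service` would not flag `remote_unlock` as affected.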
