Threat analysis and risk assessment

This chapter provides information for each process step, that is needed as part of a threat analysis and risk assessment (TARA). The following subsections correspond to these core activities.

The core activities that will be covered are:

  • Item definition
  • Asset identification and impact rating
  • Threat scenario identification
  • Attack path analysis
  • Risk determination and treatment

The elements are organized and stored in so-called chunks. Each chunk is represented by one entry in the project navigation tree and can be organized in folders. Item definition or TARA related chunks can be found in the respective folders. The most important chunks are:

  • System specification chunk: definition of the system under development (SUD) or item, i.e., components, data, data flows, channels, and functions.
  • System diagram: provides a block diagram editor for the SUD.
  • Function assignment: matrix to assign functionality to components, data, data flows, and channels.
  • Security analysis chunk: definition of assumptions, threat scenarios, damage scenarios, attack steps, controls, control scenarios, and risks.

Every element needed for the completion of those activities can be created in the corresponding chunk using the described keyboard shortcut ( [Ctrl+Space]), the toolbar buttons or the context actions.

Each security analysis chunk features a table-like view of its contents. You can change the projection with the toolbar button "Toggle TableView" or the [Ctrl+Shift+P] key combination.