This paper presents a software-centric method that uses architectural risk patterns to greatly speed up the process of generating a threat model that also introduces a degree of consistency that is often lacking in purely manual approaches.
This method for creating patterns employs principals from Object Oriented software design such as inheritance and polymorphism so that the contents of the patterns can be practically maintained and extended without unnecessary repetition.
Contents:
© Copyright 2014 Security Innovation Europe Ltd. All rights reserved. A company registered in England & Wales. Registration number: 8321696.