Architecture: Designing ThreatGet Models
ThreatGet comes with multiple components that can represent the system parts, each with a set of security properties representing a set of protections that can be activated as needed by the user according to the system's modeling requirements. All of these components and security properties can be extended by the user to add any more specific components or related properties that can model a complete designed model that mimics the reality of the system design. Users can manage and create components and their associated security properties on the following pages: Managing and Expanding Components and Security Properties.
Designing System Model: Components and Interconnections
To see how the modeling process works, we expect to have the following model, which describes the Headlamp example, including multiple ECUs, a camera, an actuator, and connectors.
The following video shows steps for modelling the whole model.
As demonstrated in the videos, the user can select the appropriate system component and drag it into the workspace. Then specify the interface to model the communication channels between these components. Adding specific system components to the user’s system model can be managed through the Managing and Expanding Components section.
!!! warning "⚠️ Important Note" You should save the model by clicking the black 💾 icon in the top right corner. Otherwise, any changes made to the model will not be stored.
Defining Associated Assets
Now, we can use the previously created assets (i.e., Data Communication Lamp request, Data Communication Oncoming Car Information, and Firmware of Body Control ECU) as discussed in Assets and Damage Scenarios.These assets can be assigned to the relevant system components (e.g., Body Control ECU, Camera ECU, Shared Medium). By pressing on the target element, a detailed list will appear on the right, allowing you to select the applicable existing assets from the ASSETS list.
Once you select the target asset(s), the letter A will be displayed on the upper right corner of the element, identifying that the componet has asset(s).
Defining Security Properties
Each system component has a set of security properties, each playing an essential role in the security analysis process. These properties provide protection mechanisms against cyber threats. During the design phase, when modeling the required system, the user can select suitable values for each security property. In the Analysis pahse, ThreatGet considers these values to determine whether any of these properties can mitigate potential cyber risks.
As shown in the figure, The Camera ECU component has Secure Boot, Cryptographic Hardware Modules, Physical Protection, Updatable, and Trusted, where all values of these properties ate undefined, which it means that non of these properties are activated. The user can select between Strong, No, Weak, or Moderate, which represent the level of protection that each of these properties can add for securing components in the system model.Adding specific security properties to the system's components is managed through the Managing Security Properties section. .