Definitions
In this phase, users can define all relevant assets and associated damage scenarios for the system model by clicking the ADM button on the left side of the Definitions window. Additionally, users can provide details on assumptions by navigating to the AS section on the left side of the page. The risk matrix chart can also be customized to meet specific needs; users can access this by selecting the RM page on the left side of the Definitions window.
Assets and Damage Scenarios
Assets refer to valuable resources or components within a system that are essential for its operation or functionality. In the context of cybersecurity, assets can include data, hardware, software, networks, and other critical elements in the system that need to be protected from any kind of malicious activities. On the other hand, they are also valuable targets to be attacked by hackers. Therefore, assets in threat modeling are essential to describe critical elements in the system. Once a cyber attack takes place, a potential situation or event could lead to harm, loss, or compromise of the asset itself, which is described in the damage scenario.
ThreatGet's latest versions describe both on the model level, where all modeled diagrams within a particular model share all defined assets and damage scenarios. Each asset could have a relation with damage scenarios to define the consequences of a particular damage due to cyber incidents, which can be defined through an Asset - Damage Scenario Matrix. On the Definitions page, the user can access assets and damage scenarios by clicking the ADM button on the left side of the page.
Assets
Let’s begin by creating assets. Start by defining three assets: Data Communication Lamp request, Data Communication Oncomming Car Information, and Firmware of Body Control ECU. These assets will be used in the modeling of the Headlamp Example in the section Managing and Creating Diagrams. To add an asset, click on the green + button on the Asset side to begin defining the necessary information for the asset you want to create.
Afterward, empty fields includes name, descprion, and security attributes (e.g., Confidentiality, Integrity, and Availability) will appear on the right side of the window, asking for more details about the required asset. Once all required information is filled, press the Save button to store the created asset as part of the current ThreatGet model.
Damage Scenarios
Now we can define the damage scenario for the previously created assets, which can define the impact category and level in case a cyber attack happens. To do so, press the green + button on the Damage Scenarios section. We created three damage scenarios: Front Collision, Malfunctioning Automatic High Beam, and Vehicle Cannot be Driven at Night, with all necessary information, including Name, Description, Impact Category, and the Relationship with asset(s).
The level of impacts varies from low (i.e., Negligible) to critical (i.e., Severe), indicating the severity of the damage. Additionally, the impact category should be defined to describe the potential consequences against a particular category, including S: Safety, F: Functional, O: Operational, and P: Privacy.
Asset - Damage Scenario Matrix
Once all assets and damage scenarios are defined, ThreatGet will display them as a matrix description, and now the user can define which damage scenario(s) can be assigned to particular asset(s).
Assets and Damage Scenrios on the Project level
The previously discussed steps for creating assets and associated damage scenarios are part of modeling a particular system model. However, ThreatGet also provides a global definition of assets and damage scenarios that can be applied at the project level, allowing all sub-models to share the same assets, damage scenarios, and their relationships. Users can define these at the project level by selecting the Asset - Damage Scenario Matrix button.
A page displaying a matrix of assets, damage scenarios, and their relationships will appear, following the same steps outlined for creating them at the model level. Users can follow these steps to create assets, define related damage scenarios, and establish the associated relationships.
!!! info "💡 Tip" Once the process is complete, and the user has created assets, defined damage scenarios, and established relationships among them, these assets can be utilized across any sub-models, even if those models do not contain assets of their own.
Assumptions
Users can define customized assumptions to be used as part of the system model. This can be done in the definition phase by switching to the assumptions view, accessed by clicking AS on the left side of the page in the definition phase.
The user can add any specific assumption as needed by entering the title of the assumption in the empty field and then pressing the Add button.
All recently added assumptions, as well as any previously created ones (if any exist), are listed in the open window.
Risk Matrix
The evaluation of risks for each detected threat is primarily based on the risk chart, which displays the distribution of risk levels according to likelihood and impact values. Users can check the risk level by switching to RM on the left side of the Definitions window.
The user can adjust the distribution of likelihood and impact across the risk matrix to align with specific requirements, tailoring it to reflect their risk assessment strategy. This customization allows the user to better model and evaluate risks based on the unique characteristics and priorities of their system. Once the user has made changes, they should press the green save button to apply and retain these updated values for future risk evaluation actions.