Skip to content

Managing Capabilities

Capabilities are used to define pre- and postconditions. A precondition describes what has to be given before an attack step is made, whereas a postcondition analyzes the results of an attack.

For example, entering an Admin Password before an action can be defined as precondition. The postcondition would then verify, that we have Control over a component. The postconditions can be used as preconditions for later attack steps. Inside an anti-pattern of a rule, a precondition can be defined by using requires capability, and a postcondition by provides capability.

Create a new Capability

To create a new capability, go to the ThreatGet toolbox and click the C button on the left side to open the Capabilities form.

Search Bar button

As displayed, there is a list of all default capabilities provided by ThreatGet. However, for specific requirements, users can create new customized capabilities to fully align with their system design. To do this, simply click the New Capability button at the top of the list.

Create New Capability

Enter a name and meaningful description for your customized capability. Define the Type, which can be BOOLEAN, INTEGER, or STRING.

Name and Description for Capability

For the boolean capability type, values are preset and cannot be changed.

Bool Capability

For string and integer types, values should be entered manually. You can do this by entering the value into the New Value field and then clicking on Add.

String Capability

As you can see, all capabilities are created with the default namespace (in the standard installation called "USER"), but a different one can be selected if needed. The items created by AIT have the "AIT" namespace.

Namesapce Capability

To save your newly defined tagged value, please click on the Save button.

Save button

You can also cancel the creation of the new capability by clicking on the Trash Can on the top.

Delete button

You can also select the Circular Arrow to undo any changes.

Undo button

Search for a Capability

As the number of capabilities increases over time, finding a specific capability may become challenging. This can be addressed by using the search bar, where the user can type the capability name to locate it quickly.

Find Capability

All the capabilities matching the search will be listed.