Towards Automating a Risk-First Threat Analysis Technique
Abstract: During the past decade, secure software design techniques have found their way into the software development lifecycle. In this context, threat modeling (or analysis) methodologies are used to systematically identify threats in the design phase of software development. However, threat modeling is often performed manually, which is time-consuming and error-prone. An existing methodology called eSTRIDE tries to solve the problem of high manual effort by introducing security-related enrichments to the software architecture models and by introducing reductions during the analysis. But the lack of tool support may counteract the advantages of using the methodology. Therefore, the aim of this work is to find out how to support semi-automation of eSTRIDE. We have produced a prototype tool using the design science research methodology, which allows the user to create or modify an extended Data Flow Diagram of their system and perform eSTRIDE. A workshop with ten participants was used to evaluate the tool. We studied the average precision, recall and productivity of the analysis results. Finally, we found the perceived usability of the tool, which was mostly positive.