WebApp Sec mailing list archives

RE: Threat Modeling


From: "Mikael Brejcha" <mikael () brejcha com>
Date: Mon, 24 May 2004 14:01:08 +0200

Does anyone know what has happened to NIAP's free tool for creating Common
Criteria Protection Profiles and Security Targets? It used to be available
at this URL (http://niap.nist.gov/tools/cctool.html) but has now
disappeared without a word.

This tool, however (if you can find it), is a great sidekick when doing
threat modeling for a specific target. It is basically a GUI around an
extensible knowledge base of assumptions, threats, attacks and countering
objectives.

Not only does it contain this great knowledge base of general threats; it
also lets you approach those threats top-down: you mark which general threat
categories apply to your target and then get the subordinate general threats
for the categories chosen. From there you can get to specific attacks for
those general threats. It also matches those attacks to attack-countering
objectives, thereby allowing you to match threats and requirements.

Matching threats to requirements and vice versa is, in my opinion, crucial in
a long-lived project/product where requirements are questioned down the path
and new threats emerge along the way.

Combine cctool with an attack tree modeling tool, which gives you a good view
and a starting point for finding new threats, and you have pretty much the
ultimate threat modeling tool, in my opinion.

P.S. I have failed to get the support I need for doing threat modeling by
just using the OCTAVE model on its own. The categories described by OCTAVE
seem too general to give any real support.

/Mikael Brejcha
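The workflow described above (mark categories, get the subordinate threats, drill down to attacks, match them to countering objectives, then check threats against requirements in both directions) as a small traceability model. This is an added example and is not cctool's code or its knowledge base: the threat and objective entries are constructed for illustration, and the CC-style T./O. identifiers are placeholders rather than entries from any real Protection Profile.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Threat:
    tid: str              # CC-style threat id such as "T.EAVESDROP" (constructed)
    category: str         # top-level category chosen first in the top-down walk
    description: str
    attacks: tuple        # specific attacks that realise this general threat
    countered_by: tuple   # ids of the objectives the knowledge base matches to it


@dataclass(frozen=True)
class Objective:
    oid: str              # CC-style objective id such as "O.AUTH" (constructed)
    description: str


# Constructed knowledge base (assumption: illustrative entries only, not taken
# from cctool's catalogue or from any real Protection Profile).
OBJECTIVES = {
    o.oid: o for o in (
        Objective("O.CONFIDENTIALITY", "Protect data in transit from disclosure"),
        Objective("O.INTEGRITY", "Detect modification of data in transit"),
        Objective("O.AUTH", "Authenticate users before granting access"),
        Objective("O.AUDIT", "Record security-relevant events"),
    )
}

KNOWLEDGE_BASE = (
    Threat("T.EAVESDROP", "Communication", "An attacker reads data in transit",
           ("passive network sniffing", "rogue access point"),
           ("O.CONFIDENTIALITY",)),
    Threat("T.TAMPER", "Communication", "An attacker modifies data in transit",
           ("on-path modification", "replay of captured messages"),
           ("O.INTEGRITY",)),
    Threat("T.MASQUERADE", "Identification", "An attacker poses as a legitimate user",
           ("credential guessing", "session token theft"),
           ("O.AUTH",)),
    Threat("T.PHYSICAL", "Physical", "An attacker gains physical access to the device",
           ("theft of hardware",),
           ()),  # deliberately uncountered: an open item the model should surface
)


def select_threats(categories):
    """Step 1: mark the categories that apply, get the subordinate threats."""
    wanted = set(categories)
    return [t for t in KNOWLEDGE_BASE if t.category in wanted]


def attacks_for(threats):
    """Step 2: the specific attacks behind each selected general threat."""
    return {t.tid: list(t.attacks) for t in threats}


def objectives_for(threats):
    """Step 3: the countering objectives the knowledge base matches to them."""
    return sorted({o for t in threats for o in t.countered_by})


def trace(threats, required_objectives):
    """Match threats and requirements in both directions.

    Returns (uncovered, unjustified):
      uncovered   - selected threats that none of required_objectives counters
      unjustified - required objectives that counter none of the selected threats
    Re-run this whenever a requirement is questioned or a new threat is added.
    """
    required = set(required_objectives)
    uncovered = sorted(t.tid for t in threats
                       if not required.intersection(t.countered_by))
    justified = {o for t in threats for o in t.countered_by}
    unjustified = sorted(required - justified)
    return uncovered, unjustified


if __name__ == "__main__":
    selected = select_threats(["Communication", "Identification", "Physical"])
    print("attacks:", attacks_for(selected))
    print("suggested objectives:", objectives_for(selected))
    # Constructed requirements list for the project under review.
    uncovered, unjustified = trace(selected, ["O.CONFIDENTIALITY", "O.AUTH", "O.AUDIT"])
    print("threats with no countering requirement:", uncovered)
    print("requirements no selected threat justifies:", unjustified)
```

The two lists from `trace` are the point of keeping the mapping bidirectional: a threat with no countering requirement is a gap in the design, while a requirement no threat justifies is the first candidate for removal when requirements get questioned later in the project.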

-----Original Message-----
From: Mark Curphey [mailto:mark () curphey com] 
Sent: 18 May 2004 23:23
To: webappsec () securityfocus com
Subject: Threat Modeling

Does anyone have any experience with the OCTAVE threat modeling methodology
from CMU?

What threat modeling methodology do you use and why?

Any links to any free threat modeling tools out there?
