Software Engineering Institute

Failure to sufficiently identify computer security threats leads to missing security requirements and poor architectural decisions, resulting in vulnerabilities in cyber and cyber-physical systems. This research compares practical threat modeling methods (TMMs) that proactively identify cyber-threats, leading to software requirements and architectural decisions that address the needs of the DoD. The primary result of this project is a set of tested principles that can help programs select the most appropriate TMMs. Using the most appropriate TMMs will result in confidence in the cyber-threats identified, accompanied by evidence of the conditions under which the TMMs are most effective.