Evaluation of Threat Modeling Methodologies
November 2016 • Presentation
Forrest Shull
The result of this work is a set of test principles that can help Programs select the most appropriate threat modeling methodologies.
Publisher:
Software Engineering Institute
Watch
Abstract
Failure to sufficiently identify computer security threats leads to missing security requirements and poor
architectural decisions, resulting in vulnerabilities in cyber and cyber-physical systems. This research compares practical threat modeling methods (TMMs) that proactively identify cyber-threats, leading to software requirements and architectural decisions that address the needs of the DoD.