Evaluation of Threat Modeling Methodologies
The result of this work is a set of test principles that can help Programs select the most appropriate threat modeling methodologies.
Software Engineering Institute
Failure to sufficiently identify computer security threats leads to missing security requirements and poor
architectural decisions, resulting in vulnerabilities in cyber and cyber-physical systems. This research compares practical threat modeling methods (TMMs) that proactively identify cyber-threats, leading to software requirements and architectural decisions that address the needs of the DoD.