Define Include and Exclude expressions for Threat Type. Expressions reference objects in the design view to determine when to create a threat in the analysis view. Grammar for expressions is as follows:

The grammar for creating the Threat Expression is given below.

<rule> ::= <expression> { <op><expression> }

<expression> ::= <object>[.<property>] IS <value>  |  Flow crosses <entity_id> | [ NOT ]( <expression> ) 

<object> ::= Source | Target | Flow

<property> ::= [Stencil Property Name]

<value> ::= ‘Stencil Property Value’

<entity_id> ::= [Stencil Name]

<op> ::= AND | OR

Define values for other columns for the threat like DescriptionJustificationPriority and any other custom column you might have defined in Custom Column screen. The values in the fields can be plain text describing information about the fields corresponding to threats. You can add presets. Presets helps in creating dynamic text for the field. E.g. if you want to define text for the Description field which contains information about the flow for the threat you can define text for the field like “Description of threat for {flow.Name}”. In the analysis view when the threat is generated, the preset expands to get name of the flow the threat applies to.

Error Reporting

The fourth tab present in the template editor is the Error Messages tab. This tab is not used for your configuration but is a notification window that indicates errors or warnings that have occurred in the system based on some user configuration. E.g. while creating a stencil there are 2 mandatory fields which need to be configured. If either of these 2 is not set by the user then an error message is logged in this window indicating to the user that there is an error.

The Error message window is a dock able window. This means that the error message window can appear as a dock able window upon double-clicking any error message in the Messages Tab will cause the tab to turn into a dock able window and attach itself to one of the 3 tabs i.e. Stencil, Threat Types or the Threat Properties.

The user can then use the arrow keys or the mouse to select the error notification from the list and look at the control which is causing the error. The control in question is highlighted using a red colored border and the parent object (Stencil, Threat Type) is highlighted using a red colored box.

The Messages window allows the tool to identify any errors, warnings or inconsistencies in the Template. In order to use the template in Threat Model creation, all the issues appearing in Message tab must be fixed.


Sample Threat Model Data Flow
Order Now on