We don’t allow that Threats act on Data element directly, because we consider them “intangible”. Data can only be threatened during transmission or when it is physically stored somewhere. Thus, Threats may only act on a Component, or Data Flow (or Channel in the future). It then automatically affects the transferred Data. However, this has to be modeled explicitly. The tool helps you to establish the appropriate “threatened-by” relation between Security Goals and Threats if you want to have it. There is one Chunk called Suggestion Overview that evaluates the modeled structure of the System to generate a list of possible relations that you can accept individually or altogether.