New Feature: Global Propagation

The logic to calculate the Risk Level, Damage Potential and Attack Effort of elements has been re-implemented. This may effect calculated values: the new implementation always considers all possible propagation paths for the Attack Effort instead of performing a local iterative combination. This means that results are more accurate and some Attack Effort values might become lower and the overall Risk Level correspondingly higher.

New Feature: Damage Mitigation

Assumptions now affect the damage potential of Security Goals, Threats and Controls. For this purpose Assumptions must now be used in the “mitigated by” relation of Threats and in a new relation called “damped by” located at Security Goals. It is not longer possible to connect Assumptions with Risk elements. In the “mitigated by” relation, Assumptions can be combined with Controls. Assumptions can define a maximum Risk Level, maximum Damage Potential and minimal Attack Effort as well as Damage Transformations (e.g. quality issues are transformed into financial losses). The effect of Assumptions is propagated to connected elements together with the Attack Effort.

New Feature: Attack Trees

A new relation “refined by” at Threats supports modelling of Attack Trees, i.e. Threats can be defined as a combination of other Threats.

Various Fixes and Improvements

  • Fixed initialization of Risk Factors after creating a new Threat
  • Fixed that Sequences were included in Security Goals Assessment
  • Fixed unintended scrolling up when clicking a button inside an editor
    (e.g. in the Suggestion Overview)
  • Fixed “Create All” feature in Security Goals Assessment
  • Fixed erroneously displayed warning regarding protection information in Controls Catalog
  • Fixed visualization of Sequences with quotes (“) in names or containing comments
  • Intentions are now grouped in the respective menu (Alt+Enter)