Risk Assessment

Risk AssessmentRisk AssessmentWhat is good about the Microsoft approach to threat modeling?

OCTAVE… Advantage: ___________

Disadvantage: ___________

What is bad about it?

OCTAVE– a brief history

OCTAVE– a brief history

1999OCTAVE developed by Software Engineering Institute

2003

2007

OCTAVE-S a streamlined version

OCTAVE Allegro

http://www.sei.cmu.edu/reports/07tr012.pdf

OCTAVE Allegro Roadmap (see reference on previous slide)

OCTAVE Allegro Roadmap (see reference on previous slide)

The purpose is to think about later threat ranking

Step 1: Establish Risk Mgmt CriteriaStep 1: Establish Risk Mgmt Criteria

This is concerned with things like …“organizational drivers”, “mission”,“business objectives”

Step 2: Develop an Info Asset ProfileStep 2: Develop an Info Asset ProfileFor a software project we need to

__________________ __________________ ___________________

Step 3: Identify Asset ContainersStep 3: Identify Asset Containers

Where are the assets ..stored? ..transported? ..processed?

Step 4: Identify Areas of ConcernStep 4: Identify Areas of Concern

Brainstorm possible threats

Step 5: Identify Threat ScenariosStep 5: Identify Threat Scenarios

Build threat trees

A scenario is ___________________________

Step 6: Identify RisksStep 6: Identify Risks

Step 7: Analyze RisksStep 7: Analyze Risks

Use formula of probability * impact

Step 8: Select Mitigation ApproachStep 8: Select Mitigation Approach

An interesting omission from the Microsoft approach

Ranking ExampleRanking ExampleFor a single threat/risk:

There are worksheets to help discover ranges for ranking