This lecture discusses the role of threat modelling in securing existing systems or improving security during software development. It covers a range of tools and techniques, including data flow diagrams, attack trees and STRIDE threat labelling.

• Lecture video
• Slides (PDF)
• Other resources:
  • Howard & Lipner, The Security Development Lifecycle
  • Shostack, Threat Modeling: Designing For Security
  • Protection Poker: an agile game for mitigating risk
  • Microsoft’s Threat Modelling Tool
  • An alternative approach to threat modelling: Octave Allegro
  • Common Vulnerability Scoring System
  • CVSS 3 calculators from NIST and FIRST.org