SPARTA: Security & Privacy Architecture through Risk-driven Threat Assessment



Functionalities
  • build DFD Model creation

    Graphical editor for creating new DFD models.

  • add_circle_outline Security solution enrichment

    Enriching the DFD models with security solutions, which are taken into account during the threat elicitation.

  • autorenew Import/reuse of threat and security solution catalogs

    Import and reuse existing security solutions across multiple models. Threat catalogs can be customised and reused across projects as well.

  • assignment Threat elicitation

    Automatically generate threats for the DFD model, taking into account all the existing security countermeasures and the threats they prevent.

  • insert_chart Per-threat Risk Analysis

    Automatically perform a risk analysis for each elicited threat.

Used technologies
  • developer_board Eclise Modeling Framework

    DFD meta-model and security solution meta-model are made in Eclipse Ecore.

  • developer_board Sirius Viewpoint Specifications

    Graphical DFD model editor built on sirius.

  • developer_board VIATRA

    DFD pattern matching for the threat elicitation.

  • developer_board Acceleo Query Language

    DFD model correctness checks are written in AQL

  • developer_board FAIR Risk Components

    Risk analysis uses the Risk components from FAIR (Factor Analysis of Information Risk)



Prototype screenshots
DFD Editor
Generated threats
SecureDrop Model
Prioritized threat list


Demo Video
More information

For more information on the prototype and eclipse plug-ins, contact us.