| Table of Contents | ||
|---|---|---|
|
To manage your attack paths, open the Global Attack Paths view in the RM-folder and click the green ‘plus’ 
- icon in the upper top right edge to add a new row.
...
Identifying Attack Paths (Using Global Catalogs)
An attack path Attack paths can be added to a threat scenario by creating row in a nested table below a threat scenario. Right-click on a threat scenario and select “Add Add Attack Path” Path from the context menu.
...
The overall design and usage of the attack path table are analogous to the other tables. As the below screenshot demonstrates, Attack Paths are sourced from the associated catalog. Having added a row to take your To select an Attack Path, double-click inside the input field and make your selection from the drop-down menu providedor drag-and-drop an attack path from the catalog.
...
For each rating parameter or metric select the level from drop-down menu as needed. You may declare a textual Justification.
...
Attack paths can be characterized in more detail by adding one or more attack steps. The attack steps of an attack path might can be derived from an attack tree analysis (ATA). Alternatively, attack steps can be created directly in the TARA.
Attack Steps management is subject to the same rationale as applicable to Attack Paths. Thus, to manage your attack paths, open the Global Attack Steps view and click the green ‘plus’ icon in the upper right edge to add a new row.
To add an attack step right-click on an attack path and select “Add Attack Step” from the context menu. This activity will create a nested table containing the attack steps of corresponding attack path.
...
An attack step provides a variety of attributes allowing a detailed characterization of the underlying attack activity. As shown below, Attack Steps are sourced from their associated catalog (global catalog scenario)in the RM folder.
...
Add content as needed:
A text field is provided to assign a Name (optional)
A Vulnerability can be selected from the drop-down menu if known.
Select a Cybersecurity Property and Attack Class from the drop-down menu as required.
Preceding Step provides a drop-down menu listing all attack steps in the project . By this you to define the order of action.
At attack step level, the (local) attack feasibility can be rated as well to as support rating ratings on attack path level. The rating method is adopted from the attack path.
The next figure presents a total of three attack steps containing varying levels of detail.
...
To add an attack step in the TARA, right-click an attack path column and select Add Attack Step from the context menu. A nested table will be created in which the Attack steps from the RM folder can be added.
...