This document applies to IriusRisk versions >= 2.0.0
Defining the Architecture
The architecture model of the system consists of Components that are located in Trust Zones. Components can be added to the model through the Components window on the right of the Architecture Tab:
Click on the component that most closely matches the component in use in your architecture.
Ensure that both a client and a server side component are added where necessary. For example, if a server-side web application makes requests to a third party web service, then add a "Generic Client" component to represent the client side of that connection, and a "Web Service" component to represent the server side.
Once you have the components defined, you can add Dataflows to model data transfers between components. Just click on the "Add Dataflow" button.
Now define the Source and the Target of the communication and the assets involved in it. Then click on the "Save" button.
Then you can see the Dataflow in the diagram view:
You can also use templates to define your architecture. Templates are reusable pieces of architecture that can be plugged into other architectures. Just click on the "Import Template" button.
Now you can see the available templates to import into your product. Select the one you need and click on the "Import" button so that your Architecture and the threat model get updated.
Importing Threat Models from Microsoft Threat Modeling Tool
Threat models defined using the Microsoft Threat Modeling Tool can be imported into IriusRisk.
Imagine you have the following model:
Save it as an MS Threat Modeling Tool 2016 file (*.tm7) and upload it into IriusRisk using the Products tab (Action → Import Microsoft Threat Modeler file).
You'll see a new window. Click on "Select a file" to select the Microsoft Threat Modeling Tool file (*.tm7/*.tm4).
A screen will be presented to define the mapping between Components already defined in the IriusRisk model and the Assets defined in the Microsoft model:
If you click on the "Import" button, the corresponding Threats from the MS model will be imported and transformed into the IriusRisk data model using the following transformation:
- A new "General" use-case is created for all Threats.
- The Threat's name and description are parsed from the model, and the Unique ID is calculated as an MD5 sum of the name.
- The Impact ratings for Confidentiality, Integrity and Availability are all set to the same value, corresponding to the Risk rating from the MS Model.
- A Control is created if the MS Threat is marked as mitigated, using the following schema:
  - The name of the Control is the first sentence or fragment ending in any punctuation, taken from the "Justification" field of the MS Model.
  - The description of the Control is copied from the full content of the Justification field.
  - The Unique ID is the MD5 sum of the name.
  - The Control state is set to Required.
- Controls are not connected to any Weaknesses, as these are absent from the MS model.
- Threats are initially imported with the source set to "External model" (tagged with an X in the "Source" column).
Re-importing an MS Threat Model
If a Threat imported from an MS model has the source set to "External model", then re-importing the same model will overwrite all of its content with the content from the MS Model. However, if the threat is modified and saved from within IriusRisk, its source is changed to "Manual". Threats with this source will not be overwritten by subsequent imports of the same model.
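To make the transformation rules and the re-import rule above concrete, here is an added Python example. It is not IriusRisk's own code and does not parse the real .tm7 file format: it assumes each MS threat has already been extracted into a dict with the fields title, description, risk, mitigated and justification (field names assumed), it matches re-imported threats by their Unique ID (an assumption; the page only says "the same model"), and the sample threats are constructed for the demonstration.

```python
import hashlib
import re
import string

# "First sentence or fragment ending in any punctuation": non-greedy match up to
# the first punctuation character (Python's string.punctuation set).
_FIRST_FRAGMENT = re.compile(r"^\s*(.+?[" + re.escape(string.punctuation) + "])")


def md5_id(name: str) -> str:
    """Unique ID as the page describes it: the MD5 sum of the name.
    MD5 is used here purely as a deterministic identifier, not for security."""
    return hashlib.md5(name.encode("utf-8")).hexdigest()


def first_fragment(text: str) -> str:
    """Control name rule: first sentence/fragment ending in punctuation.
    Falls back to the whole (stripped) text when there is no punctuation at all."""
    m = _FIRST_FRAGMENT.match(text)
    return m.group(1).strip() if m else text.strip()


def transform_threat(ms_threat: dict) -> dict:
    """Map one MS TMT threat (assumed field names) to the IriusRisk-style record
    described in the import rules: General use case, MD5 id, CIA impact = risk,
    optional Control when mitigated, source 'External model'."""
    name = ms_threat["title"]
    risk = ms_threat["risk"]
    threat = {
        "useCase": "General",
        "name": name,
        "description": ms_threat["description"],
        "uniqueId": md5_id(name),
        "impact": {"confidentiality": risk, "integrity": risk, "availability": risk},
        "source": "External model",
        "controls": [],
    }
    if ms_threat.get("mitigated"):
        justification = ms_threat.get("justification", "")
        control_name = first_fragment(justification)
        threat["controls"].append({
            "name": control_name,
            "description": justification,        # full Justification text
            "uniqueId": md5_id(control_name),
            "state": "Required",
            "weaknesses": [],                     # MS model has no Weaknesses
        })
    return threat


def reimport(existing: dict, incoming: list) -> dict:
    """Re-import rule: a threat whose source is still 'External model' is replaced
    by the incoming version; one edited in IriusRisk ('Manual') is left untouched.
    `existing` is keyed by uniqueId (assumed matching key)."""
    result = dict(existing)
    for ms in incoming:
        new = transform_threat(ms)
        old = result.get(new["uniqueId"])
        if old is not None and old["source"] == "Manual":
            continue
        result[new["uniqueId"]] = new
    return result


# Constructed sample threats, standing in for the parsed MS model.
SAMPLE_MS_THREATS = [
    {
        "title": "Spoofing of the Web Service",
        "description": "An attacker may impersonate the Web Service to the Generic Client.",
        "risk": "High",
        "mitigated": True,
        "justification": "Mutual TLS is enforced between client and service. "
                         "Certificates are rotated quarterly.",
    },
    {
        "title": "Tampering with request data",
        "description": "Request data could be altered in transit.",
        "risk": "Medium",
        "mitigated": False,
        "justification": "",
    },
]


def demo():
    """First import, an in-tool edit of one threat, then a second import of the
    same model. Returns (edited threat, other threat) after the re-import."""
    first_import = {t["uniqueId"]: t for t in map(transform_threat, SAMPLE_MS_THREATS)}
    edited_id = md5_id(SAMPLE_MS_THREATS[0]["title"])
    # Analyst edits and saves the first threat inside IriusRisk: source flips to Manual.
    first_import[edited_id]["description"] = "Edited in IriusRisk"
    first_import[edited_id]["source"] = "Manual"
    second = reimport(first_import, SAMPLE_MS_THREATS)
    other_id = md5_id(SAMPLE_MS_THREATS[1]["title"])
    return second[edited_id], second[other_id]


if __name__ == "__main__":
    kept, replaced = demo()
    print("kept   :", kept["source"], "-", kept["description"])
    print("replaced:", replaced["source"], "-", replaced["description"])
```

Running the file shows the edited threat surviving the second import with its "Manual" source while the untouched one is re-created from the model; the `first_fragment` helper is where the control-naming rule lives, so a justification without any punctuation yields the whole text as the control name.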