| dc.description.abstract | Threat modeling is a method for identifying and analyzing security problems early on in the development
life cycle. The infancy of the discipline, the absence of a shared scope, and variations
in complexity and application all contribute to the challenge for decision-makers to select a threat
modeling method and tool. This study proposes a systematic decision-making approach, the core
of which lies within a decision model suited to mitigate this challenge. The model facilitates the
evaluation of threat modeling methods based on a set of criteria. In its current state 95 requirements
and 18 threat modeling methods are mapped. The requirements were extracted and refined
by doing an SLR, expert surveys, and interviews. Quality criteria were derived and a preliminary
mapping between qualities and requirements was created. The context of the selection in terms of
goals, scopes, and preferences was investigated and served as input for creating the final systematic
decision-making approach. This approach underwent evaluation through a case study using criteria
from the Prat taxonomy. Results indicate that the proposed systematic selection approach has the
potential for assisting in making traceable decisions but needs to be further refined and validated.
Moreover, the collected data and results of the analyses, and especially the methods, requirements,
and quality criteria refined through a multi-phased research protocol can serve as a foundation for
future research. | |
