2 Under Attack: Identifying Threats


This chapter covers

  • Understanding the System Delivery Lifecycle (SDLC)
  • Learning what Threat Modeling is
  • Identifying threats in your software and systems, including supply chain threats
  • Calculating risks against the assets you want to protect

The System Delivery Lifecycle (SDLC), sometimes known as the Software Development Lifecycle, is the process by which systems, including software, are developed and delivered. The process can be short or long, depending on the needs of the individual project or organization. Because the SDLC governs how software is built and shipped, it is a prime target for attack: attacks that target the production and consumption of software are, by definition, supply chain attacks.

2.1 Overview

The SDLC itself is also separate from what is traditionally considered project planning, for example Agile or Waterfall. Your SDLC should support any project planning methodology or planning style; the only difference you would see from the perspective of the SDLC is how quickly you iterate through the process. For example, on a large Waterfall project you might expect one loop through the SDLC to take months or even years, whereas on a smaller Agile project an iteration through the SDLC might be measured in days or weeks.

2.1.1 Example SDLC Flow

2.2 The Threat Modeling Process

2.3 Understanding the System

2.3.1 Identifying Assets in the System

2.3.2 Identifying the Internal Authorized Actors in the System

2.3.3 Identifying the External Systems

2.3.4 Identifying the External Authorized Actors

2.3.5 Identifying Interactions

2.4 Identifying Threats

2.4.1 Identifying Attack Vectors

2.4.2 Identifying Threats by Example

2.5 Determining Mitigations

2.6 Summary