Release Notes 2.x
- Threats can be further described using Functional Chains and Scenarios, as it is done for Capabilities.
- This is the analog expected behavior: FC and Scenarios can describe desired usage contexts (Capabilities) but also undesired ones (Threats)
Currently in DARC the user can create Primary Assets of two types:
-
Functional (regarding services provided by the system and to be protected)
-
Information (regarding data manipulated by the system and to be protected).
However, other kinds of Primary Assets exist that do not map to this typology. Examples are "brand image", "technology superiority".
- Threats are now associated to security parameters
- Added confidentiality, integrity, availability, traceability, as for Primary Assets, Functions, Exchange Items)
- Threat sources may pass through other Actors to attack the system.
- The user shall be able to identify how a Threat Source can use another Actor of the system to attack the system.
- This "use" relation shall be validated by the existence of functional exchanges, component exchanges or physical exchanges between them.
PVMT VP is compatible with Cybersecurity Addon Property applicable on cyber elements, and its possible to define rules for cyber classes
- Activity Explorer support to create Diagrams with Cybersecurity decoration
- TDB diagrams support to OA, SA, LA, PA levels
- xAB diagrams support to to OA, SA, LA, PA levels
- Semanitc Browser, Properties, Validation Rules, Bussines Queries extended to to OA, SA, LA, PA levels
- Transition of Threats
- Transition of Primary Assets
- Transition of related elements
XHTML docgen addon is now extended with DARC viewpoint