ADF to MITRE EMB3D Mapping

The following pages show how all AD objects defined in the generic catalog map to MITRE Device Properties (PID) and Threat IDs (TID):

• Physical MITRE EMB3D and ADF Mapping
• Software MITRE EMB3D and ADF Mapping
• Bluetooth MITRE EMB3D and ADF Mapping
• FIDO Device MITRE EMB3D and ADF Mapping

Example Device Threat Model

This example demonstrates the part of Threat Modeling called the Threat Identification phase. In this phase, the attack surface is identified, leading to a list of potential vulnerabilities and threats.

The following pages enumerate potential vulnerabilities of a particular system — the ORSHIN Demonstrator Platform — in a hierarchical way, as specified by given device properties (PIDs) in three relevant areas.

• Physical Threat Enumeration - for the source model file model_physical.yaml
  • Physical Threat Catalog
• Software Threat Enumeration - for the source model file model_software.yaml
  • Software Threat Catalog
• Bluetooth Threat Enumeration - for the source model file model_bt.yaml
  • Bluetooth Threat Catalog

The threat model, risk assessment, measures, and related reasoning are described in the Demonstrator Threat Model: Attack Defense Framework.