Skip to main content

Table 4 Comparative view of various threat driven frameworks

From: Threat driven modeling framework using petri nets for e-learning system

Author Modeling Framework Equation
Howard (2003) NA Framework consists of 3 modules:
1. Decompose application
2. Identify threats
3. Mitigate threats
After mitigation the severity is calculated only on basis of base metrics i.e.
\(W_{{n_{new} }} = \frac{{V_{i} }}{K}\)
Shrief et al. (2010) Stochastic petri net Framework consists of 6 modules:
1. Decompose application
2. Decomposition correction assessment
3. Identify threats
4. Mitigate threats
5. Mitigation correction assessment
6. Mitigation assessment
After mitigation the severity is calculated only in terms of base and temporal metrics i.e.
\(W_{{n_{new} }} = \frac{{V_{i} \times E\times RL\times RC}}{K}\)
Our proposed approach Aspect oriented stochastic petri nets Framework consists of 6 modules and threat identification is divided into sub modules.
1. Disintegrate application
2. Disintegration correction assessment
3.1. Threat identification
3.2. Identify application vulnerability
3.3. Risk assessment matrix
4. Mitigate (Attenuate) threats
5. Mitigation (Attenuation) correction assessment
6. Mitigation (Attenuation) assessment
After mitigation the severity is calculated only in terms of base, temporal and environmental metrics i.e.
\(W_{{n_{new} }} = \frac{{V_{i} \times E\times RL\times RC}}{K\times CR \times IR\times AR}\)