EdgeX Foundry STRIDE Threat Model
STRIDE is an acroymn standing for:
- Information disclosure (which means privacy breach or data leaks)
- Denial of service
- Elevation of privilege
STRIDE is a type of security threat modeling to identify security vulnerabilities and risks associated with IT systems and then put methods (mitigation) in place to protect against the vulnerabilities and risks. Specifically, the STRIDE approach to threat modeling looks for common threats as represented in the acroymn in a consistent and methodical way.
There are many tools to help create STRIDE threat models. Many of these tools will allow the developer to visually diagram the system and then automatically analyze the diagram and generate STRIDE risks which the developer must then explore and mitigate.
If you wish to use the tool, make changes and/or generate your own reports you will need to import the following files into the Microsoft TMT: