Cyber Architect - First Steps

Create a new project:

  1. Click on the New project link
  2. Enter a project name
  3. Click on the Next button
  4. You can select knowledge bases in the reference base to import in your project
  5. Click on Finish

separation

Define the analysis perimeter:

  1. Etablish for each activity of the module, the necessary knowledge bases for your project
  2. Click on this kind of icon to create a new knowledge base
  3. Click on this kind of icon to create
  4. Double-click on a cell to enter on edit mode

separation

Define the feared events:

Open the scope of the project is defined and enriched:

  1. Select the knowledge base of the feared events
  2. Generate the feared events automatically
  3. Select a feared event in the base
  4. Select knowledge base
  5. Select an element to apply on the feared event

separation

Define the threat scenarios:

On the same principle as the feared events:

  1. Create a new threat scenario
  2. Select in the list a threat scenario
  3. Sélect a knowledge base
  4. Sélect an elements to apply on the threat scenario

separation

Establish the risks:

After defining the feared events ans the threat scenarios:

  1. Create a new risk
  2. Select a risk in the base
  3. Select a knowledge base
  4. Select the elements to be applied to the threat scenario
  5. Select a risk in Net risk evaluation
  6. Add security measures already implemented for this risk
  7. Edit net risk level
  8. Click on the Identify the security goals activity
  9. Click on Show table
  10. Double click on the treatment cells to edit them

separation

Study the security measures:

  1. Select a risk
  2. The information of the risk is displayed in the treatment risk
  3. Click on Treat the risk
  4. Select one or more security measures
  5. Click on OK
  6. Define a default residual evaluation by clicking on Initialise residual evaluation
  7. Double-click on the Residual Evaluation cell to adjust the level if necessary
  8. Select the new severity and likelihood level
  9. Click OK to apply
  10. Double click on the supporting assets and the primary assets cells to edit them
  11. Click on the Implement the security measures activity
  12. Define the knowledge bases
  13. Click on Show table in the Action plan
  14. Double click on the cells to edit them

separation

Going further:

  1. Click on Check to verify the coherence of your project
  2. This one has parameters allowing to personalise the display and the functioning
  3. Click on Metrics to create graphs linked to project data
  4. This one has options allowing to display or not the graphics and allows their export
  5. Click on Report to generate a project report
  6. It is possible to customise the project elements to be included in the report
  7. Export your report to different formats or directly within your project

Cyber Architect also offers the possibilities:

  • To generate and edit the attack trees directly within the tool with a graphical editor. Once the option is enabled in the application preferences, an Attack tree button will be available in the toolbar.
  • To export your projects under spreadsheet (.xlsx or .xls), as well export the attack trees to third tools, as FaultTree+ and Arbre Analyste