Systematic Literature Review of Threat Modeling Concepts

Pedro Lohmann; Carlos Albuquerque; Raphael Machado

doi:10.5220/0011783000003405

Systematic Literature Review of Threat Modeling Concepts

Pedro Lohmann, Carlos Albuquerque, Raphael Machado

2023

Abstract

Threat Modeling (TM) has increased its relevance in cybersecurity risk management applied to software development, allowing developers to proactively identify and mitigate threats from various sources. In the present work, we execute a systematic literature research (SLR) on TM applied to cybersecurity. Population, Intervention, Comparison, Outcomes, Context (PICOC) criteria were used to define a research formula that was executed in three relevant digital libraries and was submitted to inclusion and exclusion criteria and a rigorous quality assessment, resulting in 16 papers that answered four research questions, which deeply defined key elements of TM, process steps, TM relation with risk management process existing in ISO 27005 and future perspectives for TM. This contribution supports the understanding of TM and its practical application when considering different existing models into real application development.

Download

Paper Citation

in Harvard Style

Lohmann P., Albuquerque C. and Machado R. (2023). Systematic Literature Review of Threat Modeling Concepts. In Proceedings of the 9th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-624-8, pages 163-173. DOI: 10.5220/0011783000003405

in Bibtex Style

@conference{icissp23,
author={Pedro Lohmann and Carlos Albuquerque and Raphael Machado},
title={Systematic Literature Review of Threat Modeling Concepts},
booktitle={Proceedings of the 9th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2023},
pages={163-173},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0011783000003405},
isbn={978-989-758-624-8},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 9th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Systematic Literature Review of Threat Modeling Concepts
SN - 978-989-758-624-8
AU - Lohmann P.
AU - Albuquerque C.
AU - Machado R.
PY - 2023
SP - 163
EP - 173
DO - 10.5220/0011783000003405