Quiz Entry - updated: 2026.07.14
How do you trace from a Use Case through threat analysis to a security requirement?
Use Case → DFD → STRIDE threats → Misuse Cases → DREAD rating → Mitigation Use Cases → a testable security requirement. Each step feeds the next.
End-to-end example — "User Login" Use Case:
| Step | Activity | Result |
|---|---|---|
| 1. Use Case | Document "User Login" (actor, flow, preconditions) | UC defined |
| 2. DFD | Draw data flow: Browser → Login Form → Auth Service → User DB | Trust boundaries identified |
| 3. STRIDE | Apply to each DFD element crossing trust boundary | Threats: Spoofing (fake credentials), Tampering (modified request), Info Disclosure (password leak) |
| 4. Misuse Cases | Create MUCs: "Brute Force Attack", "SQL Injection", "Credential Stuffing" | MUCs documented |
| 5. DREAD | Rate each MUC: SQL Injection = D3+R3+E2+A3+D2 = 13 (High) | Priorities set |
| 6. Mitigations | Create Mitigation UCs: "Input Validation", "Rate Limiting", "MFA" | Security requirements derived |
| 7. Requirements | "The system SHALL enforce rate limiting after 5 failed login attempts" | Testable requirement |
Why this process works: Each step builds on the previous one. You start with what the system should do (UC), identify what could go wrong (STRIDE/MUC), prioritize risks (DREAD), and derive specific, testable security requirements (Mitigations).