The SOX module AT makes graphical representations of attack paths available, providing Attack Goals, Attack Objectives, Attack Methods and Asset Attacks and connects them with the responding AND and OR gates. Beyond the usual entities, Undeveloped Events and Transfers, referencing repeated nodes in different attack paths, can be created.
Variables, representing the probabilities of an Asset Attack, e.g. the costs of an attack, the probability of exposure and the window of opportunity are customer-specific creatable. When defining a variable, you can choose a type like an integer, enumerated list and much more. Furthermore, you can choose the propagate rules for the AND and OR gates out of a checkbox (e.g. maximum at AND gates, minimum at OR gates, sum, products, and counting) and calculate the values of your individual variables in one click for the Attack Goal.
The SOX module AT provides the possibility to take over threats from the TARA via drag and drop as Attack Goals. A view where Asset Attacks are allocated to the responding Attack Goal is available in both modules. Moreover, variables calculated for the Attack Goal (or Threat) are synchronized with the corresponding Threat Level Parameters in the costumer-specific version of the TARA module.