Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use RAAML for threat models #214

Open
kuwv opened this issue Apr 19, 2023 · 3 comments
Open

Use RAAML for threat models #214

kuwv opened this issue Apr 19, 2023 · 3 comments

Comments

@kuwv
Copy link

kuwv commented Apr 19, 2023
edited
Loading

Model Based Systems Engineering (MBSE) typically uses SysML to interconnect models. The Risk Analysis and Assessment Modeling Language (RAAML) specification is a SysML compliant format that would allow integration with other modeling capabilities such as simulation.

Ideally, one would be able to switch between using PlantUML or SysML but the latter does more than visualization.

References:
https://www.omg.org/spec/RAAML/1.0/Beta2/About-RAAML
https://github.com/gaphor/gaphor
OWASP/threat-dragon#639
https://www.oreilly.com/library/view/threat-modeling/9781492056546/ch04.html
@izar
Copy link
Collaborator

izar commented Apr 20, 2023

so if I understand you correctly you are proposing RAAML as an additional output option for pytm?

@kuwv
Copy link
Author

kuwv commented Apr 20, 2023
edited
Loading

@izar yes as an alternative output format

@izar
Copy link
Collaborator

izar commented Apr 20, 2023

sounds great! I don't think any of the current collaborators is fluent in RAAML, is that something you could send a PR for?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@izar @kuwv