-
Notifications
You must be signed in to change notification settings - Fork 3
/
About.vue
46 lines (41 loc) · 2.65 KB
/
About.vue
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
<template>
<b-container id="about">
<h1>About the ThreatModellingTool Extension for Penetration Tester</h1>
<br/>
<br/>
<p class="text-left">This open sourced tool was designed as an extension for the Microsoft ThreatModellingTool 2016 with an adapted
version of the Template from the <a href="https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2016/july/the-automotive-threat-modeling-template/">NCC Group</a>.
This "extension" adds the calculation of the <a href="https://www.first.org/cvss/v2/guide"> Common Vulnerability Scoring System v2</a>
for each threat generated by the MS Tool, as well as the option of bulk modifying those.
With the filtering and sorting of the tabular data, it is possible for a penetration tester to find the threats
which match his/her criteria and therefore helps him prioritising.
e.g. the tester wants to find the threats with the highest Cvss2 Score which have "Ethernet" as Interaction and
the Access Vector is "Local (L)".
</p>
<p class="text-left">It was developed by Michael Wolf as part of the Master Thesis
"Combining Safety and Security Threat Modeling to Improve Automotive Penetration Testing".
The Thesis was done in cooperation with <a href="https://www.schutzwerk.com/">SCHUTZWERK GmbH</a>
(supervisor Dr. Bastian Könings)
and the department of <a href="https://www.uni-ulm.de/en/in/vs/">Distributed Systems of the University of Ulm</a>
(examiner: Prof. Dr. Frank Kargl, supervisor Dr. Rens van der Heijden),
and with the help of the <a href="https://www.hs-karlsruhe.de/en/">University of Applied Sciences Karlsruhe</a>
(co-examiner: Prof. Dr. Reiner Kriesten, supervisor Jürgen Dürrwang).
The thesis and this tool was funded partially by the EU Project
<a href="https://www.forschung-it-sicherheit-kommunikationssysteme.de/projekte/sicherheit-fuer-vernetzte-autonome-fahrzeuge">
SecForCARs
</a>
</p>
<p class="text-left">This whole tool was written in plain JavaScript, but uses the framework <a href="https://vuejs.org/v2/guide/">Vue.js (v2.5.2)</a>
for building the SinglePageApplication with the library <a href="https://bootstrap-vue.js.org/">Bootstrap-Vue (v2.0.0-rc.11)</a> and
<a href="https://getbootstrap.com/docs/4.1/getting-started/introduction/">Bootstrap (v4.1.3)</a> for designing the UI.
With the help of <a href="https://webpack.js.org/">WebPack</a> the code could be bundled into a static HTML5
file which can be opened/ run without a web server.</p>
</b-container>
</template>
<script>
export default {
name: 'MwAbout'
};
</script>
<style>
</style>