Threat Model Selector

Find the right threat modeling methodology for your needs and access RACI charts

Who might need this tool

This tool is designed for anyone who wants to ensure they're using the most appropriate threat modeling methodology for their specific needs. Threat models have specific values and use cases - picking the right one matters.

The idea is to ask just 5 basic questions; the answers yield a recommendation for the threat modeling approach best suited to your situation. It's an excellent starter for 10, or a point of conversation.

How to use:

  1. Answer the questions in the section below
  2. View your recommended methodology
  3. Explore the various methodologies to understand their differences
  4. Examine the RACI matrix for your chosen methodology
  5. Export or print the information for your team

Answer a few quick questions to find the most appropriate threat modeling methodology for your needs.

Why Use More Than Just CIA?

While CIA (Confidentiality, Integrity, Availability) is fundamental and widely used, relying solely on it is like having only a flathead screwdriver in your toolbox. It's not that the flathead is bad—it's essential! But sometimes you need a Phillips head, a Torx, or a hex key.

Each threat modeling methodology serves as a different tool in your security toolkit:

  • CIA is your basic flathead—universally applicable, simple, and great for foundational understanding
  • STRIDE is your Phillips head—precise for technical systems with clear attack vectors
  • LINDDUN is your specialized privacy tool—perfect for data protection scenarios
  • PASTA is your precision torque tool—ideal for attack simulation and risk quantification
  • OCTAVE is your heavy-duty wrench—built for organizational-level risk management
  • TRIKE is your adjustable tool—flexible for risk framework integration
  • DREDD is your data-focused instrument—specialized for data-centric security concerns

The right tool for the right job makes all the difference. Let's find yours.

It's nice when others know that there are more appropriate threat models than CIA-ing everything, so this was a fun little utility to make.

Questions

Answer these questions to discover which threat modeling approach best suits your needs.

What is your project/organization scale?
What's your team's security expertise level?
How much time can you invest?
What's your primary focus area?
At what phase are you in development?

Threat Modeling Methodologies Overview

This comprehensive guide provides detailed RACI (Responsible, Accountable, Consulted, Informed) matrices for seven major threat modeling methodologies. Each methodology has unique strengths and is suited for different organizational contexts, security requirements, and project phases.

Available Methodologies

  • STRIDE: Microsoft's comprehensive security threat modeling framework
  • LINDDUN: Privacy-focused threat modeling methodology
  • OCTAVE: Organizational-level risk assessment framework
  • PASTA: Process for Attack Simulation and Threat Analysis
  • CIA Triad: Fundamental information security principles
  • TRIKE: Risk management-focused threat modeling approach
  • DREDD: Data Risk Evaluation, Detection, and Defense framework

STRIDE Threat Modeling

Citation

Developed at Microsoft in the late 1990s by Praerit Garg and Loren Kohnfelder; part of the Microsoft Security Development Lifecycle (SDL).

Best for:

  • Timing: Early design phases and throughout development
  • Context: Complex systems with multiple components and trust boundaries
  • Focus: Comprehensive security threat identification
  • Organizations: Development teams and system integrators
  • Use cases: Software applications, distributed systems, cloud architectures

STRIDE RACI Matrix

Role/Group Responsible Accountable Consulted Informed
Project Manager X
Security Officer X X
System Architect X
Development Team Lead X
Network Administrator X
Cloud/DevOps Team X
Software Developers X
Governance Board X
Business Stakeholders X
Suppliers/Vendors X
Legal/Compliance Team X

LINDDUN Threat Modeling

Citation

Developed by KU Leuven researchers Kim Wuyts, Riccardo Scandariato, and Wouter Joosen (2015). "LINDDUN Privacy Threat Trees: A Systematic Methodology for Privacy Risk Management."

Best for:

  • Timing: Early design phase and privacy impact assessments
  • Context: Systems processing personal data
  • Focus: Privacy-specific threats and data protection
  • Organizations: GDPR-compliant entities, healthcare, finance
  • Use cases: Personal data systems, IoT devices, mobile applications

LINDDUN RACI Matrix

Role/Group Responsible Accountable Consulted Informed
Privacy Officer X X
Data Protection Officer X X
Security Analyst X
Legal Counsel X
Business Process Owner X
Data Engineering Team X
UX/Product Team X
Compliance Team X
Management Board X
Data Subjects Representatives X
Third-party Processors X

OCTAVE Threat Modeling

Citation

Developed by Carnegie Mellon University's Software Engineering Institute (SEI) and CERT Coordination Center. First introduced in 1999 by Christopher Alberts and Audrey Dorofee.

Best for:

  • Timing: Organizational risk assessment cycles
  • Context: Large organizations needing self-directed assessments
  • Focus: Operational risk management and organizational assets
  • Organizations: Enterprises with established risk management programs
  • Use cases: Critical infrastructure, organizational security planning

OCTAVE RACI Matrix

Role/Group Responsible Accountable Consulted Informed
OCTAVE Team Lead X X
Business Unit Managers X
IT Operations Manager X
Risk Management Team X
Asset Owners X
Information Security Team X
External Consultants X
Executive Sponsor X
Legal/Audit Team X
Business Stakeholders X
Board of Directors X

PASTA Threat Modeling

Citation

Developed by Tony UcedaVelez and Marco M. Morana. Published in "Risk Centric Threat Modeling: Process for Attack Simulation and Threat Analysis" (2015).

Best for:

  • Timing: During security architecture and testing phases
  • Context: Systems requiring quantitative risk assessment
  • Focus: Attack simulation and risk-based security testing
  • Organizations: Security-focused teams with attack modeling expertise
  • Use cases: High-risk applications, financial systems, critical infrastructure

PASTA RACI Matrix

Role/Group Responsible Accountable Consulted Informed
Threat Analyst X X
Attack Simulation Team X
Risk Assessment Team X
Security Architect X
Red Team/Penetration Testers X
Quantitative Risk Analysts X
Business Impact Analysts X
Management Team X
Development Team X
Incident Response Team X
Stakeholders X

CIA Triad

Citation

Fundamental information security model attributed to multiple sources, formally described by Jerome Saltzer and Michael Schroeder in "The Protection of Information in Computer Systems" (1975). Widely adopted across information security frameworks.

Best for:

  • Timing: Continuous application across all security activities
  • Context: Foundational security analysis for any system
  • Focus: Basic security properties assessment
  • Organizations: All organizations implementing security controls
  • Use cases: General security planning, security awareness, policy development

CIA Triad RACI Matrix

Role/Group Responsible Accountable Consulted Informed
Information Security Manager X X
System Administrators X
Database Administrators X
Network Security Team X
Data Classification Officer X
Access Control Team X
Business Unit Heads X
Compliance Officer X
Executive Leadership X
All Staff X
External Auditors X

TRIKE Threat Modeling

Citation

Open source threat modeling methodology developed by Brenda Larcom and Eleanor Saitta. First presented at the Security and Privacy Summit in 2006.

Best for:

  • Timing: Requirements gathering and risk management phases
  • Context: Organizations with existing risk frameworks
  • Focus: Risk management integration with security requirements
  • Organizations: Mature security programs with risk management integration
  • Use cases: Enterprise security planning, regulatory compliance

TRIKE RACI Matrix

Role/Group Responsible Accountable Consulted Informed
Risk Management Lead X X
Security Analysts X
Business Analysts X
Asset Managers X
Threat Modelers X
System Architects X
Security Requirements Team X
Executive Sponsor X
Audit Team X
Project Management Office X
Development Teams X

DREDD Threat Modeling

Citation

Developed as a specialized framework for Data Risk Evaluation, Detection, and Defense (DREDD). Originated from research on data-centric security models at the intersection of privacy engineering and threat modeling.

Best for:

  • Timing: Early data architecture planning and throughout data lifecycle
  • Context: Data-intensive applications and platforms with complex data flows
  • Focus: Data-centric risk evaluation and protection strategies
  • Organizations: Data stewards, cloud providers, and data aggregation services
  • Use cases: Big data platforms, data lakes, AI/ML systems, healthcare data systems

DREDD RACI Matrix

Role/Group Responsible Accountable Consulted Informed
Data Protection Officer X X
Data Architects X
Data Engineers X
Data Scientists X
Security Analysts X
Cloud Security Specialists X
Compliance Team X
Privacy Team X
Executive Data Sponsor X
Data Governance Board X
Business Stakeholders X

Key Components

  • Data Risk Profiling: Systematic evaluation of data sensitivity, value, and exposure risk
  • Evaluation Framework: Metrics-driven approach to quantify data-specific risks
  • Detection Mechanisms: Continuous monitoring strategies for data misuse and exfiltration
  • Defense-in-Depth: Layered protection strategies specific to data types and flows
  • Data Lifecycle Assessment: Security controls mapped to each phase of the data lifecycle

Selection Criteria Summary

Criteria            STRIDE            LINDDUN   OCTAVE        PASTA              CIA           TRIKE            DREDD
Complexity          Medium            Medium    High          High               Low           Medium           Medium-High
Required Expertise  Technical         Privacy   Business      Security           General       Risk             Data
Time Investment     Medium            Medium    High          High               Low           Medium           Medium-High
Focus Area          Security          Privacy   Operations    Attack Simulation  Fundamentals  Risk Management  Data Protection
Best Phase          Design            Design    Planning      Testing            All           Requirements     Architecture
Scale               Component-System  System    Organization  System             All           Enterprise       Data Systems
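The page does not publish how the five answers in the Questions section are turned into a recommendation, so the following is an added example (not the selector's own code) of one way to do it: score each methodology against the answers using the attributes in the Selection Criteria Summary above. The answer vocabulary, the point weights, the ordering of time levels and the tie-break rule are all assumptions.

```python
# Added example, not the Threat Model Selector's own code. Attributes are
# transcribed from the Selection Criteria Summary; the answer vocabulary,
# weights and tie-break rule are assumptions (the page does not publish them).
# Columns follow the five questions: scale, expertise, time, focus, phase.
# "Complexity" is omitted because no question asks for it.
TABLE = {
    "STRIDE":  ("Component-System", "Technical", "Medium",      "Security",          "Design"),
    "LINDDUN": ("System",           "Privacy",   "Medium",      "Privacy",           "Design"),
    "OCTAVE":  ("Organization",     "Business",  "High",        "Operations",        "Planning"),
    "PASTA":   ("System",           "Security",  "High",        "Attack Simulation", "Testing"),
    "CIA":     ("All",              "General",   "Low",         "Fundamentals",      "All"),
    "TRIKE":   ("Enterprise",       "Risk",      "Medium",      "Risk Management",   "Requirements"),
    "DREDD":   ("Data Systems",     "Data",      "Medium-High", "Data Protection",   "Architecture"),
}

# Ordinal ranking of the "Time Investment" column (assumed ordering).
TIME_LEVEL = {"Low": 0, "Medium": 1, "Medium-High": 2, "High": 3}


def score(method, answers):
    """Score one methodology against the five answers: exact matches earn
    points, the generic entries ("All", "General", "Fundamentals") earn one so
    CIA stays the fallback, and exceeding the time budget costs a point per level."""
    scale, expertise, time, focus, phase = TABLE[method]
    pts = 0
    if scale == "All":
        pts += 1
    elif answers["scale"] in scale.split("-"):   # "Component-System" fits either answer
        pts += 2
    pts += 2 if expertise == answers["expertise"] else (1 if expertise == "General" else 0)
    excess = TIME_LEVEL[time] - TIME_LEVEL[answers["time"]]
    pts += 2 if excess <= 0 else -excess
    pts += 3 if focus == answers["focus"] else (1 if focus == "Fundamentals" else 0)   # primary driver
    pts += 2 if phase == answers["phase"] else (1 if phase == "All" else 0)
    return pts


def recommend(answers):
    """Rank all methodologies best-first; ties go to the cheaper one."""
    order = sorted(TABLE, key=lambda m: (-score(m, answers), TIME_LEVEL[TABLE[m][2]]))
    return [(m, score(m, answers)) for m in order]


if __name__ == "__main__":
    # Constructed answers: a personal-data system designed by a privacy-savvy team.
    sample = {"scale": "System", "expertise": "Privacy", "time": "Medium",
              "focus": "Privacy", "phase": "Design"}
    for name, pts in recommend(sample):
        print(f"{name:8s}{pts:3d}")
```

Because every methodology is ranked rather than only the winner returned, the runner-up list doubles as the hybrid suggestion the Key Recommendations below describe (CIA typically lands second as the foundational fallback).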

Key Recommendations

  1. Start with CIA for foundational understanding
  2. Use STRIDE for technical system threat modeling
  3. Apply LINDDUN when privacy is critical
  4. Consider PASTA for attack-centric analysis
  5. Implement OCTAVE for organizational-level assessment
  6. Use TRIKE when integrating with existing risk frameworks
  7. Choose DREDD for data-intensive systems and data flow security

Remember: These models can be combined based on organizational needs. Many teams use a hybrid approach, starting with CIA/STRIDE and adding privacy-focused LINDDUN, data-centric DREDD, or risk-focused OCTAVE/TRIKE as needed.