Threat modelling, especially in IT, is becoming more common. Companies are increasingly aware of the risks of having their infrastructure and devices connected to the internet. As more devices, machines, sensors, monitors, and applications are added to a company’s infrastructure, there are potentially many more vulnerabilities.

According to Wikipedia, threat modelling should answer:

  • Where am I most vulnerable to attack?
  • What are the most relevant threats?
  • What do I need to do to safeguard against these threats?

Diagram types used in threat modelling

Vulnerabilities are more easily represented visually using a few different diagram types, all of which can be created with

Data flow diagrams (DFDs)

Threat modelling DFDs are similar to those used by system engineers, with a few additional shapes. Operational or infrastructure threat models (OTMs) are a specific type of data flow diagram, visualising how the independent, grouped, and shared components communicate with each other and external entities via connection pathways.

Example data flow diagram for threat modelling

Process flow diagrams (PFDs)

These are used by agile teams to build application threat models (ATMs). Agile software development teams can analyse their applications and features by critically examining the communication protocols used to connect the code’s building blocks together.

Example process flow diagram for threat modelling

Attack trees

Hierarchical visualisations of one component or asset in your infrastructure allow you to explore how it might be attacked. They have been used for decades in the fields of defence and aerospace to analyse threats to their electronics systems, and are now becoming more popular in other fields. The lowest priority threats (with the least impact) are in the child leaf nodes, and the threats grow in priority as you traverse up through the parent nodes to the root of the tree.

Example attack tree diagram for threat modelling

Open all of these diagrams in

Creating custom libraries for threat modelling

Custom libraries in make it easy for you to collect the shapes with which you regularly work.

These custom library files, with the file extension of .xml, are easily shared with your co-workers. Custom libraries can be added to the for Confluence app so that everyone in your company can use your custom shape library. This is great for ensuring all diagrams follow the company’s style.

A big thank you to Michael Henrikson who explained why he likes to use and his custom libraries for threat modelling. Michael includes one custom library each for DFDs and attack trees, and provides example diagrams in his blog post.

Download Michael’s attack.xml and DFD.xml custom libraries from GitHub

Michael Henrikson's DFD and attack tree custom shape libraries

Michael Henrikson’s DFD and attack tree custom shape libraries

How to open a custom shape library in

To load a custom shape library, click File > Open Library from > … Locate and select the custom library (the file extension will be .xml) on your device in the file selection dialog, then click Choose.

For the legends in the DFD, it is recommended to use the ER Table 1 compound shape from the Entity Relation shape library. This makes it easier to add extra assets, security controls and threat actors. To duplicate a row inside an entity, first select it, then press CTRL+Enter or CMD+Enter.

Container shape - Entity Relation Table 1

How to open a different shape library

For example, to load the Entity Relation shape library, click More shapes at the bottom of the left panel. In the Software section, click on the checkbox next to Entity Relation to enable this shape library, then click Apply.

Enable the Entity Relation shape library

How to create your own custom shape library in

To create a new custom library, click File > New Library > … and select where you want to save your custom library file. Enter a name for your library, and click Save. The new custom library will appear at the top of the left panel.

How to add and remove shapes from your custom shape library

Drag shapes from the drawing canvas onto your custom library, or select a shape on the canvas and click the plus icon to the right of your library’s name.

To remove shapes from your library, click the pencil icon to edit the library, then click the cross in the upper right of the shape you want to remove. Rename shapes by clicking on their name and entering a new one.

Edit a custom library

From here, you can also export your shape library to another location, add images via a URL, and import shapes stored in different shape library.

Click Save to save your changes.

Use desktop for secure threat modelling

Because your threat modelling diagrams contain highly sensitive data about your applications and infrastructure, ensure they are secure and use desktop. desktop can be used behind a strong firewall or even offline – there is no external communication of diagram data.

Download and install the latest release of desktop