SecurityProperties

Type: Array of Objects

Description: A list of security properties used for threat modeling and scenario classification.

Possible values:

Keys

Type

Description

Example

Value

Integer

Numeric value representing the security property

0 to 7

Name

String

Name of the security property

Confidentiality,

Integrity,

Availability,

Authenticity,

Correctness,

Freshness,

Authorization,

Non-repudiation

PrefixForThreat

String

Prefix used to describe threats related to the property

Extraction of,

Manipulation of,

Blocking,

Forgery of,

Invalidation of,

Replay of,

Unauthorized access to,

Repudiation of

Effect:

  • Controls naming and classification of threat scenarios.
  • Helps express the type of security property that may be compromised.

Constraints:

  • For ISO/SAE 21434-oriented use, the primary focus shall be:
    • Confidentiality
    • Integrity
    • Availability
  • Additional properties should be used only where necessary.

Example:

  • Security properties in Assets
  • Name in Threats (PrefixForThreat)