DREAD: Risk assessment

MSDL security

TOGAF framework

Spring.net framework

definition of software architecture

Estimation Techniques

Damage -

Rating fo the attack ? Damage level


Reproducibility -

Repetablity of same. will it happen due to a random error or repetable?


Exploitability -

how much ground work requred to launch the attack?


Affected users -

What is the imact? how many people will be impacted?  How sensitive is the data in question?


Discoverability -

how easy it is to discover/trace the origin of attack ?