Making the Case for Cybersecurity
Figure 4-1: Contextualized attack objects.
For instance, consider the ATT & CK technique Adversary-in-the-Middle. On its own, this technique is abstract. But when mapped against a SPECTRA model that defines a system’ s information pathways, analysts can pinpoint which channels lack encryption or inadequate monitoring. That’ s where this technique becomes a tailored attack path, directly feeding into a risk claim for the system of interest.
To achieve a living, adaptive assurance case, Risk-Centric DevSecOps pipelines must be connected to the knowledge repositories, so that the knowledge items can flow from community-curated repositories all the way to system-specific data lake, triggering risk re-evaluation when a new attack technique is published.
This closes the loop between engineering intent, deployed artifacts, and evolving threat landscapes. Importantly, this also allows threat intelligence databases— like those encoded in D3FEND— to be leveraged not just for awareness but for assurance, processed by the automated pipelines of interoperable tools.
Looking forward, the interoperability between system models and attack ontologies must be strengthened. The current“ digital thread” between the system of interest and the attack databases is still partially broken— due to inconsistent semantics, tool fragmentation, and lack of tailoring workflows at the mission and design stages. To mend this, the OMG roadmap for SPECTRA includes a formal ontology, developed in collaboration with MITRE D3FEND, to harmonize attack representations with system design data.
This SPECTRA ontology will define mappings between SPECTRA modeling constructs and the Digital Artifact types in D3FEND, enabling seamless, bidirectional reasoning. It will support earlystage modeling— at the mission and system engineering phases— allowing organizations to predict and mitigate risks before implementation begins.
48 May 2025