Skip to content

Controls

Controls are predefined countermeasures that can be used to systematically address attack scenarios. They represent reusable security measures that are automatically generated to mitigate configurable attack vectors and threat rules, providing a consistent and efficient approach to threat mitigation.

Controls can be:

  • Linked to attack vectors and threat rules for automatic countermeasure generation
  • Associated with MITRE EMB3D framework entries for standardized security practices
  • Connected to checklist requirements for compliance tracking
  • Documented with implementation guidance to help development teams

Basic Settings

Each control includes the following basic configuration options:

  1. Name: A unique identifier for the control (e.g., "Input Validation", "Encryption at Rest")
  2. Description: A detailed explanation of what the control does and how it mitigates threats
  3. Mitigated Attack Vectors: List of attack vectors mitigated by this control (used for countermeasure generation)
  4. Mitigated Threat Rules: List of threat rules mitigated by this control (used for countermeasure generation)

MITRE EMB3D Integration

Controls can be linked to MITRE EMB3Dâ„¢ entries to align your countermeasures with industry-standard security practices.

To link a control to MITRE EMB3D:

  1. Select the control in the configuration
  2. Click on the add button Add button icon next to EMB3D Entry IDs
  3. Add the ID, e.g. 12

Implementation Tips

Each control can include implementation guidance to help developers and security teams properly implement the countermeasure. Implementation tips should include:

  • Technical guidance: Specific technologies, libraries, or approaches to use
  • Best practices: Recommended patterns and anti-patterns
  • Configuration examples: Sample code or configuration snippets
  • Verification methods: How to verify the control is properly implemented
  • Common pitfalls: Known issues to avoid during implementation

Control tips image

Automatic Countermeasure Generation

When threat rules are evaluated during threat generation, controls associated with matching rules are used to generate countermeasures. This process:

  1. Identifies applicable controls based on elements, attack vectors, and threat rules
  2. Generates countermeasures in the threat model
  3. Applies control description

Checklist Requirements Linking

Controls can be directly linked to specific checklist requirements, enabling automatic traceability between requirements and countermeasures.

When a control is implemented, all linked checklist requirements can be automatically updated, streamlining the compliance verification process.

Best Practices

When configuring controls in TTModeler, consider the following best practices:

  1. Reusability: Define controls at the appropriate abstraction level to maximize reuse across different threat rules
  2. Specificity: Provide sufficient detail in descriptions and implementation tips to be actionable
  3. Traceability: Link controls to relevant MITRE EMB3D entries and checklist requirements to maintain traceability
  4. Maintenance: Regularly review and update controls as security standards and best practices evolve
  5. Consistency: Use consistent naming conventions and categorization for easier navigation