威胁建模工具功能概述Threat Modeling Tool feature overview

Threat Modeling Tool 可帮助满足你的威胁建模需求。The Threat Modeling Tool can help you with your threat modeling needs. 若要获取此工具的基本简介,请参阅 Threat Modeling Tool 入门For a basic introduction to the tool, see Get started with the Threat Modeling Tool.

Note

Threat Modeling Tool 会频繁更新,因此请经常查看本指南,以了解我们的最新功能和改进。The Threat Modeling Tool is updated frequently, so check this guide often to see our latest features and improvements.

若要打开一个空页面,请选择“创建模型”。To open a blank page, select Create A Model.

空页面

若要查看此工具中当前可用的功能,请使用入门示例中我们的团队创建的威胁模型。To see the features currently available in the tool, use the threat model created by our team in the Get started example.

基本威胁模型

在探讨内置功能之前,我们来了解一下在工具中找到的主要组件。Before we discuss the built-in features, let's review the main components found in the tool.

此体验类似于其他 Microsoft 产品。The experience is similar to other Microsoft products. 我们来了解顶级菜单项。Let's review the top-level menu items.

菜单项

LabelLabel 详细信息Details
文件File
  • 打开、保存和关闭文件Open, save, and close files
  • 登录和注销 OneDrive 帐户。Sign in and sign out of OneDrive accounts.
  • 共享链接(视图和编辑)。Share links (view and edit).
  • 查看文件信息。View file information.
  • 将新模板应用于现有模型。Apply a new template to existing models.
编辑Edit 撤消和重做操作,以及复制、粘贴和删除。Undo and redo actions, as well as copy, paste, and delete.
视图View
  • 在“分析”和“设计”视图之间进行切换。Switch between Analysis and Design views.
  • 打开已关闭的窗口(例如模具、元素属性和消息)。Open closed windows (for example, stencils, element properties, and messages).
  • 将布局重置为默认设置。Reset layout to default settings.
关系图Diagram 添加和删除关系图,及浏览关系图的“选项卡”。Add and delete diagrams, and move through tabs of diagrams.
报告Reports 创建与他人共享的 HTML 报告。Create HTML reports to share with others.
帮助Help 查看帮助使用工具的指南。Find guides to help you use the tool.

符号是指顶级菜单的快捷方式:The symbols are shortcuts for the top-level menus:

符号Symbol 详细信息Details
打开Open 打开新文件。Opens a new file.
保存Save 保存当前文件。Saves the current file.
设计Design 打开设计视图,可以在其中创建模型。Opens the Design view, where you can create models.
分析Analyze 显示已发生的威胁及其属性。Shows generated threats and their properties.
添加关系图Add diagram 添加新关系图(类似于 Excel 中的新选项卡)。Adds a new diagram (similar to new tabs in Excel).
删除关系图Delete diagram 删除当前关系图。Deletes the current diagram.
复制/剪切/粘贴Copy/Cut/Paste 复制、剪切和粘贴元素。Copies, cuts, and pastes elements.
撤消/重做Undo/Redo 撤消和重做操作。Undoes and redoes actions.
放大/缩小Zoom in/Zoom out 放大和缩小关系图以便获得更好的视觉效果。Zooms in and out of the diagram for a better view.
反馈Feedback 打开 MSDN 论坛。Opens the MSDN Forum.

画布Canvas

画布是用于在其中拖放元素的空间。The canvas is the space where you drag and drop elements. 拖放是生成模型的最快且最有效的方法。Drag and drop is the quickest and most efficient way to build models. 也可以右键单击,然后选择菜单中的项,添加常规的元素版本,如下所示:You can also right-click and select items from the menu to add generic versions of elements, as shown:

在画布上放置相应模具Drop the stencil on the canvas

画布拖放

选择模具Select the stencil

元素属性

模具Stencils

根据所选模板,可以找到所有可用的模具。Based on the template you select, you can find all the stencils available to use. 如果无法找到正确的元素,则使用其他模板。If you can't find the right elements, use another template. 或者可以修改模板,以满足你的需求。Or you can modify a template to fit your needs. 通常情况下,可以找到如下所示的类别组合:Generally, you can find a combination of categories like these:

模具名称Stencil name 详细信息Details
处理Process 应用程序、浏览器插件、线程、虚拟机Applications, browser plug-ins, threads, virtual machines
外部交互方External interactor 身份验证提供程序、浏览器、用户、Web 应用程序Authentication providers, browsers, users, web applications
数据存储Data store 缓存、存储、配置文件、数据库、注册表Cache, storage, configuration files, databases, registry
数据流Data flow 二进制、ALPC、HTTP、HTTPS/TLS/SSL、IOCTL、IPSec、命名管道、RPC/DCOM、SMB、UDPBinary, ALPC, HTTP, HTTPS/TLS/SSL, IOCTL, IPSec, named pipe, RPC/DCOM, SMB, UDP
信任行/边框边界Trust line/Border boundary 企业网络、Internet、计算机、沙盒、用户/内核模式Corporate networks, internet, machine, sandbox, user/kernel mode

说明/消息Notes/messages

组件Component 详细信息Details
消息Messages 一旦出现错误,内部工具逻辑便会向用户发出警报,例如元素之间没有数据流时。Internal tool logic that alerts users whenever there's an error, such as no data flows between elements.
说明Notes 在整个设计和评审过程中工程团队会将手册说明添加到文件中。Manual notes are added to the file by engineering teams throughout the design and review process.

元素属性Element properties

随着所选元素的变化,元素属性也会有所不同。Element properties vary by the elements you select. 除了信任边界外,所有其他元素都包含 3 个常规选择:Apart from trust boundaries, all other elements contain three general selections:

元素属性Element property 详细信息Details
名称Name 用于命名流程、存储、交互方和流,以便可以轻松识别它们。Useful for naming your processes, stores, interactors, and flows so that they're easily recognized.
超出范围Out of scope 如果选择此选项,则该元素会从威胁生成矩阵中移除(不推荐)。If selected, the element is taken out of the threat-generation matrix (not recommended).
超出范围的原因Reason for out of scope 告知用户选择超出范围原因的理由字段。Justification field to let users know why out of scope was selected.

可在每个元素类别下更改属性。Properties are changed under each element category. 选择每个元素后可查看可用的选项。Select each element to inspect the available options. 或者可以打开模板了解详细信息。Or you can open the template to learn more. 我们来了解下其中的功能。Let's review the features.

欢迎屏幕Welcome screen

打开应用时,将看到“欢迎使用”屏幕。When you open the app, you see the Welcome screen.

打开模型Open a model

将鼠标指针悬停在“打开模型”上可显示两个选项:从此计算机打开从 OneDrive 打开Hover over Open A Model to reveal two options: Open From This Computer and Open From OneDrive. 第一个选项将打开“文件打开”屏幕。The first option opens the File Open screen. 第二个选项会将你转到 OneDrive 的登录过程。The second option takes you through the sign-in process for OneDrive. 身份验证成功后,可以选择文件夹和文件。After successful authentication, you can select folders and files.

打开模型

从计算机或 OneDrive 打开

反馈、建议和问题Feedback, suggestions, and issues

选择“反馈、建议和问题”后,将转到 SDL 工具的 MSDN 论坛。When you select Feedback, Suggestions and Issues, you go to the MSDN Forum for SDL Tools. 可以在其中阅读其他用户对该工具的看法,包括变通方法和新的想法。You can read what other people are saying about the tool, including workarounds and new ideas.

反馈

设计视图Design view

打开或新建模型时,会打开“设计”视图。When you open or create a new model, the Design view opens.

添加元素Add elements

可以使用以下两种方法在网格上添加元素:You can add elements on the grid in two ways:

  • 拖放:将所需元素拖到网格中。Drag and drop: Drag the desired element to the grid. 然后使用元素属性提供其他信息。Then use the element properties to provide additional information.
  • 右键单击:右键单击网格上的任意位置,然后从下拉菜单中选择项。Right-click: Right-click anywhere on the grid, and select items from the drop-down menu. 所选元素的通用表示将显示在屏幕上。A generic representation of the element you select appears on the screen.

连接元素Connect elements

可以使用以下两种方法连接元素:You can connect elements in two ways:

  • 拖放:将所需的数据流拖至网格中,并将两端连接到相应的元素。Drag and drop: Drag the desired dataflow to the grid, and connect both ends to the appropriate elements.
  • 单击 + Shift:单击第一个元素(发送数据),按住 Shift 键,然后选择第二个元素(接收数据)。Click + Shift: Click the first element (sending data), press and hold the Shift key, and then select the second element (receiving data). 右键单击并选择“连接”。Right-click, and select Connect. 如果你使用的是双向数据流,顺序就不那么重要了。If you use a bi-directional data flow, the order is not as important.

属性Properties

若要查看模具上可供修改的属性,请选择相应的模具,然后会填充相应的信息。To see the properties that can be modified on the stencils, select the stencil and the information populates accordingly. 以下示例显示“数据库”模具拖动到关系图前后的情况:The following example shows before and after a Database stencil is dragged onto the diagram:

之前Before

之前

之后After

之后

消息Messages

如果在创建威胁模型时忘记将数据流连接到元素,则会收到一个通知。If you create a threat model and forget to connect data flows to elements, you get a notification. 可忽略此消息,或按照说明进行操作以解决此问题。You can ignore the message, or you can follow the instructions to fix the issue.

消息

注释Notes

若要向关系图添加说明,请从“消息”选项卡切换到“说明”选项卡。To add notes to your diagram, switch from the Messages tab to the Notes tab.

分析视图Analysis view

生成关系图后,在快捷方式工具栏上选择“分析”符号(放大镜)可切换到“分析”视图。After you build your diagram, select the Analysis symbol (the magnifying glass) on the shortcuts toolbar to switch to the Analysis view.

分析视图

已发生威胁选择Generated threat selection

选择威胁后,可以使用三种不同的功能:When you select a threat, you can use three distinct functions:

功能Feature 信息Information
已读指示器Read indicator

将威胁标记为已读,可帮助你跟踪已查看的项。The threat is marked as read, which helps you keep track of the items you reviewed.

已读/未读指示器

交互焦点Interaction focus

关系图中属于威胁的交互会突出显示。Interaction in the diagram that belongs to a threat is highlighted.

交互焦点

威胁属性Threat properties

有关威胁的其他信息显示在“威胁属性”窗口中。Additional information about the threat appears in the Threat Properties window.

威胁属性Threat properties

优先级更改Priority change

可以更改每个已发生威胁的优先级。You can change the priority level of each generated threat. 不同的颜色便于识别高、中和低优先级的威胁。Different colors make it easy to identify high-, medium-, and low-priority threats.

优先级更改

威胁属性可编辑字段Threat properties editable fields

如前面的图像所示,可以更改工具生成的信息。As seen in the preceding image, you can change the information generated by the tool. 也可以向某些字段(例如“理由”)添加信息。You can also add information to certain fields, such as justification. 这些字段由模板生成。These fields are generated by the template. 如果需要了解各个威胁的详细信息,可以进行修改。If you need more information for each threat, you can make modifications.

威胁属性

报告Reports

完成优先级更改并更新每个已发生威胁的状态后,就可以保存文件和/或打印报表。After you finish changing priorities and updating the status of each generated threat, you can save the file and/or print out a report. 转到“报表” > “创建完整报表”。Go to Report > Create Full Report. 为报表命名,然后应会看到类似于下图的信息:Name the report, and you should see something similar to the following image:

报表

后续步骤Next steps

  • 将你的问题、评论和疑问发送至 tmtextsupport@microsoft.com。Send your questions, comments and concerns to tmtextsupport@microsoft.com. 下载 威胁建模工具以开始。Download the Threat Modeling Tool to get started.
  • 若要为社区提供模板,请转到我们的 GitHub 页。To contribute a template for the community, go to our GitHub page.