Skip to main content

Before you start

Open the FCC Security Threat Analysis (DO-326A) risksheet from the Risks space. The risksheet uses a 3-level hierarchy: System Element → Threat Category → Attack Scenario.

Step 1: Select the target system element

In the Identify Threats view, locate or create a row for the system element under attack. The System Element column links to existing system elements in the project hierarchy (for example, Air Data Computer Interface or Main Flight Processor).
Review the System Structure Navigator report first to confirm which components have attack surfaces worth analyzing before opening the risksheet.

Step 2: Classify the attack surface

Set the Attack Surface field to one of the six entry point categories:
Enum IDLabel
networkNetwork
physicalPhysical
softwareSoftware
humanHuman
supplySupply Chain
wirelessWireless

Step 3: Assign a STRIDE threat category

Set STRIDE Category (threatCategory) to one of the six categories:
Enum IDThreat
spoofingSpoofing
tamperingTampering
repudiationRepudiation
informationDisclosureInformation Disclosure
denialOfServiceDenial of Service
elevationOfPrivilegeElevation of Privilege
Enter a short Title and a detailed Description (threatDescription) explaining the attack scenario.

Step 4: Complete the initial assessment

Switch to the Initial Assessment view. Set initialLikelihood and initialImpact for each threat row:
  • Likelihood: unlikely · possible · likely · almostCertain
  • Impact: negligible · minor · major · catastrophic
The initialSAL field calculates automatically from the 4×4 matrix — you cannot edit it directly. diagram SAL-3 threats (red) require the highest security assurance activities under DO-326A. SAL-0 threats (green) require minimal controls.

Step 5: Add security countermeasures

Switch to the Security Controls view. For each threat row, enter:
  • Countermeasure ID — your internal control reference
  • Countermeasure Title — brief label for the security control
  • Status — track implementation state
Confirm the available status values for countermeasure status (for example: pending, active, waived) and verify whether countermeasure status affects residual SAL recalculation automatically.

Step 6: Complete the residual assessment

Switch to the Residual Assessment view. After countermeasures are in place, re-evaluate:
  • residualLikelihood — likelihood with controls applied
  • residualImpact — impact with controls applied
  • residualSAL — auto-calculated from residual values using the same 4×4 matrix
initialSAL and residualSAL are calculated automatically. Do not attempt to set them directly — the field will not accept manual input and the value will not persist.
Marking a countermeasure as active does not update residual likelihood or impact. You must manually reassess and update residualLikelihood and residualImpact after implementing controls.

Step 7: Review the Security Threat Assessment Dashboard

Navigate to the Security Threat Assessment report from the Home dashboard. This report aggregates the full threat inventory by system element, showing initial and residual SAL levels, attack surface distribution, and countermeasure status across the project.
The Security Threat Assessment risksheet tracks threats and controls. Use the DO-326A Security Requirements Traceability PowerSheet separately to verify requirements-side coverage of your security assurance activities.

Verification

You should now see your threat row in the Residual Assessment view with both initialSAL and residualSAL populated in color-coded cells (green through red), and the Security Threat Assessment Dashboard updated with the new entry under the appropriate system element.

See also

Code: modules/RiskTemplates/SecurityThreatTemplate/attachments/risksheet.json (0.88) · .polarion/tracker/fields/securityThreat-threatCategory-enum.xml (0.78) · .polarion/pages/spaces/_default/Safety Assessment Summary/page.xml, Common Cause Analysis Report/page.xml, Security Threat Assessment/page.xml, Hara Risk Matrix Report/page.xml (0.73) · .polarion/tracker/fields/securityThreat-attackSurface-enum.xml, securityThreat-likelihood-enum.xml, securityThreat-impact-enum.xml, securityThreat-sal-enum.xml (0.68) · .polarion/nextedy/models/rtm.yaml (0.63) · .polarion/tracker/fields/securityThreat-custom-fields.xml (0.61) · modules/Risks/COMPLIANCE-001/module.xml, modules/Risks/MIL-STD-882E-HTS-001/module.xml, modules/Risks/SEC-THREAT-001/module.xml, modules/Risks/SFMEA-SUB-001/module.xml, modules/Risks/SFMEA-SUB-002/module.xml, modules/Risks/SFMEA-SUB-003/module.xml (0.60) · .polarion/nextedy/sheet-configurations/DO-326A Security Requirements Traceability.yaml (0.60) · .polarion/nextedy/sheet-configurations/DO-254 Objectives Compliance Matrix.yaml (0.50) · .polarion/tracker/fields/complianceObjective-standard-enum.xml, complianceObjective-status-enum.xml, complianceRequirement-complianceStatus-enum.xml, complianceRequirement-evidenceType-enum.xml (0.48)