Purpose
Threat scenarios provide a reusable classification layer for threats. Rather than duplicating scenario definitions across TARA modules, the solution stores scenarios in a centralThreatScenarioCatalog document. Individual TARA records link to scenarios via the hasThreatScenario link role, enabling consistent threat naming and cross-module analysis.
Work Item Identity
| Property | Value |
|---|---|
| Type ID | threatScenario |
| Label | Threat Scenario |
| Icon | MAN_project_monitoring_and_control.gif |
| Tracker Prefix | TR |
| Form Layout | threatScenario-form-layout.xml |
Custom Fields
ThethreatScenario type has no TARA-specific custom fields beyond the standard Polarion fields (Title, Description, Status, Priority) and the global classification field.
| Field ID | Name | Type | Description |
|---|---|---|---|
classification | Classification | enum:classification | Global field. Values: sc (Special Characteristic), cc (Critical Characteristic), cybersecurity. |
threatScenario column. The Description field provides detailed narrative about the threat.
Shared Catalog
Threat scenarios are stored in the shared catalog document:| Property | Value |
|---|---|
| Document | Risks/ThreatScenarioCatalog |
| Space | Risks |
| Item Count | 15 scenarios + 1 heading |
| Reuse Pattern | Referenced via itemLink columns across all TARA modules |
Link Roles
Outgoing Links
| Role ID | Forward Label | Target Type | Description |
|---|---|---|---|
parent | has parent | threatScenario | Hierarchical grouping within the catalog (sameType=true). |
Incoming Links
| Role ID | Reverse Label | Source Type | Description |
|---|---|---|---|
hasThreatScenario | is Threat Scenario in | taraRecord | TARA records referencing this scenario. Each TARA record links to exactly one threat scenario. |
Risksheet Integration
In the TARA Risksheet, the threat scenario appears as a Level 4 hierarchy column:| Column ID | Header | Type | Group | Key Properties |
|---|---|---|---|---|
threatScenario | Threat Scenario | itemLink | Threat Identification (purple) | linkRole=hasThreatScenario, document=Risks/ThreatScenarioCatalog, queryFactory=threatScenarioQuery |
Query Factory
ThethreatScenarioQuery factory populates the picker dropdown:
threatScenario work items in the project. The picker displays the scenario title and creates a hasThreatScenario link when selected.
Hierarchy Position
Threat scenarios sit at Level 4 in the Risksheet 5-level hierarchy:| Level | Column | Description |
|---|---|---|
| 1 | Stakeholder | Who is affected |
| 2 | CIAx Property | What security aspect |
| 3 | Damage Scenario | What harm results |
| 4 | Threat Scenario | How the threat manifests |
| 5 | Threat Path | Concrete attack vector |
Workflow
ThethreatScenario type follows the general work item workflow:
| State | Color | Description |
|---|---|---|
draft | #3366FF | Initial state. |
inReview | #FFFF99 | Submitted for review. |
pendingApproval | #FFFF33 | Awaiting formal approval. |
approved | #66FF66 | Approved for use in TARA analysis. |
rejected | #FF3300 | Rejected. Requires rework. |
obsolete | — | Deprecated. Retained for traceability. |
Traceability Context
The threat scenario connects to the TARA record in the threat identification phase:Form Layout Notes
ThethreatScenario-form-layout.xml layout exposes:
- Standard fields: Title, Description, Status, Priority
- Linked items section showing TARA records that reference this scenario
Related Pages
- TARA Record (taraRecord) — the risk assessment record that links to threat scenarios
- Stakeholder (stakeholder) — the other catalog-based work item type
- Use Shared Threat Scenario and Stakeholder Catalogs — how to use shared catalogs
- Identify Threats and Damage Scenarios — the workflow step that uses threat scenarios
- Shared Catalogs Pattern — concept page on the catalog reuse pattern