Threat Assessment & Remediation Analysis (TARA): Methodology Description Version 1.0

Wynn, Jackson; Whitmore, Joseph; Upton, Geoff; Spriggs, Lindsay; Mckinnon, Dan; Mcinnes, Richard; Graubart, Richard; Clausen, Lauren

Threat Assessment & Remediation Analysis (TARA): Methodology Description Version 1.0

Active / Technical Report | Accession Number: ADA576473 |

Open PDF

Abstract:

Mission Assurance Engineering MAE is the subdiscipline of Enterprise Systems Engineering ESE and is intended to provide mission assurance against the advanced persistent threat APT. The APT uses an evolving set of tactics, techniques, and procedures TTPs to establish and maintain a foothold in the enterprises information infrastructure, and to exploit that foothold to ex-filtrate large volumes of sensitive information, to corrupt mission-critical information, andor to deny or degrade mission capabilities. This report describes the Threat Assessment Remediation Analysis TARA methodology, which applies MAE to systems and acquisitions. TARA is a methodology for identifying and assessing cyber threats and selecting countermeasures effective at mitigating those threats. When applied in conjunction with a Crown Jewels Analysis CJA or other means for assessing mission impact, CJA and TARA together provide for the identification, assessment, and security enhancement of mission critical assets, which is the cornerstone of mission assurance.

Author(s):

Wynn, Jackson ; Whitmore, Joseph ; Upton, Geoff ; Spriggs, Lindsay ; Mckinnon, Dan ; Mcinnes, Richard ; Graubart, Richard ; Clausen, Lauren

Author Organization(s):

MITRE CORP BEDFORD MA

Descriptive Note:

Technical rept.

Pagination:

0061

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution:

Approved For Public Release

Distribution Statement:

Approved For Public Release; Distribution Is Unlimited.

RECORD

Collection: TR

Identifying Numbers

Report Number(s):

MTR110176

Contract/Grant Number(s):

W15P7T-10-C-F600

Project Number(s):

031180SE-K1

Monitor Series:

OASD(NII)DC

Subject Terms

Joint Capability Areas:

JCA_5_Command and Control; JCA_5.3_Planning; JCA_3_Force Application; JCA_7_Protection; JCA_6_Net Centric; JCA_6.4.3_Respond to Attack Event; JCA_6.4.1_Secure Information Exchange; JCA_6.4.2_Protect Data and Networks; JCA_6.4_Information Assurance; JCA_3.1_Maneuver; JCA_7.1.2_Prevent Non-kinetic Attack; JCA_7.1_Prevent; JCA_3.1.1_Maneuver to Engage; JCA_3.2_Engagement; JCA_3.2.2_Non-Kinetic Means; JCA_5.3.3_Develop Strategy; JCA_5.3.2_Apply Situational Understanding; JCA_5.3.4_Develop Courses of Action; JCA_5.3.5_Analyze Courses of Action; JCA_7.2.1_Mitigate Lethal Effects; JCA_7.2_Mitigate

Communities of Interest:

Cyber

Descriptor(s):

*COMPUTER SECURITY, *COUNTERMEASURES, *CYBERWARFARE, *INFORMATION SECURITY, *INFORMATION SYSTEMS, *SYSTEMS ENGINEERING, *THREAT EVALUATION, ATTACK, CYBERTERRORISM, INFORMATION ASSURANCE, METHODOLOGY, MISSIONS, RISK

Field(s)/Group(s):

Information Science, Computer Systems Management and Standards, Military Operations, Strategy and Tactics

Keyword(s):

*THREAT ASSESSMENT AND REMEDIATION ANALYSIS, *MISSION ASSURANCE ENGINEERING, *ADVANCED PERSISTENT THREAT, CTSA(CYBER THREAT SUSCEPTIBILITY ASSESSMENT), TTP(TACTICS TECHNIQUES AND PROCEDURES), THREAT MATRIX, CRRA(CYBER RISK REMEDIATION ANALYSIS), CROWN JEWELS ANALYSIS

Report Date:

2011 Oct 01

Creation Date:

2013 Jun 05