
Framework for ontology-driven threat modelling of modern computer systems

Andrei Brazhuk    
Evgeny Olizarovich    

Abstract

Threat modelling of a computer system is based on system analysis of its architecture at early development stages (requirements, design) and the creation of a threat model that represents the security aspects of the system (threats and mitigations). The means used in this field, such as data flow diagrams (DFD) and the Application Threat Modelling approach (OWASP, Microsoft), are mainly informal and hard to automate. To overcome these restrictions, we have created the ontology-driven threat modelling (OdTM) framework, which allows the graphical notation of DFD diagrams to be used together with semantic domain-specific threat models to build threat models for different computer systems. Each domain-specific threat model has a set of typical components of some subject area and the threats and countermeasures associated with these components. An end user can describe a computer system with DFD diagram(s); reasoning procedures are then able to build a threat model for that system. The OdTM framework consists of a common approach to architectural security analysis and a method for semantic interpretation of DFD diagrams and automatic reasoning of relevant threats and countermeasures. We have developed the base threat model as an OWL (Web Ontology Language) ontology that enables the creation of domain-specific threat models as OWL ontologies and their extension with different external knowledge sources (knowledge "mining", Linked Open Data, etc.). To illustrate the proposed approach, we have used a semantic version of a model that depicts common threats against cloud computer systems.