1 - Threat modelling your home

INTRODUCTION

Aug 31, 2014

This is the first in a series of threat modelling tutorials and aims to be a gentle introduction to process of threat modelling. For this first example, we won’t threat model any complex IT systems, instead we’ll focus on something that should be very familiar to you: your home.

Components

You’re standing outside your house, looking at the front of it. You may not actually live in a house, perhaps you live in a flat or bungalow, but we’ll assume it’s a typical suburban house for the purpose of this exercise. The first thing you may notice is the boundary that separates your property from the rest of the public street. Maybe you have a fence around your house, or perhaps some bushes and shrubs. Perhaps a combination of the two. Inside the boundary, or perimeter, is your land. You may have a drive way and space to park a car. Or perhaps you have a front garden and a little path leading up to the house. It’s also possible that you have a back garden, also fenced off. There may even be access between the front and back gardens via path at the side of the house. Your back garden may have sheds in it, or a greenhouse. Some houses also have separate garages. At this point you will have a pretty good idea of the features that make up the outside of your property. We can sumamrise them as a list:

Outside front

  • low fence
  • shrubs
  • driveway
  • space for two cars

Outside back

  • high fences
  • tall bushes
  • one shed
  • no access from side or rear

Now let’s focus on your house instead. You probably have a front door, and possibly a backdoor. You almost certainly have some ground floor windows, maybe even some lovely french doors at the back. The first floor has windows too, mostly for the bedrooms and perhaps a small one for the bathroom. Your house may have a tiled roof, a chimney, and drainpipes etc. Let’s write another list:

House

  • front door
  • front gound floor windows
  • back door
  • back ground floor windows
  • three first floor bedroom windows
  • one first floor bathroom window
  • tiled roof
  • drainpipes

Now, let’s focus on the entry points, namely the doors and windows. They windows almost certainly have glass in them, either single or double glazed. Hopefully the windows also have a keyed lock, but perhaps they just have a screw lock. There may be restrictions on how far the windows will open without adjusting a latch. Your front door will have at least one keyed lock. It may just have a cyclinder lock, but it may also have a 5-level deadbolt lock. It may also have a chain that can be set from the inside. Your front door may also have a letter box. Your backdoor will probably have some keyed locks, but may also have additional bolts. Again, let’s list them out:

Windows

  • double glazing
  • keyed lock
  • PVC frame

Front door

  • small glass panels
  • PVC body and frame
  • Yale cyclinder lock
  • 5-level lock

Back door

  • small glass panels
  • wooden body and frame
  • 5-level lock
  • top and bottom bolts