STRIDE

STRIDE is a commonly used framework for guiding a threat analysis.

Like any other framework of this type, STRIDE provides a checklist for the analyst to work through. In this case the list is the set of threat types shown in the table below. The six categories that make up the STRIDE acronym are often extended to include some extra items to accommodate the special requirements of a particular context. Here, two additional categories have been included.

| Threat type | Description |
| --- | --- |
| Spoofing identity | The situation where messages or data appear to come from a legitimate source but are in fact generated by a malicious actor. |
| Tampering | The injection of malicious code which compromises the normal operation of the system. This could include, for example, uploading modified firmware to an edge device. |
| Repudiation | The failure to securely attribute an action to a user (or a device). |
| Information disclosure | The unauthorised leakage of data from the system. This covers data of any kind, including user or device identities as well as sensor data. |
| Denial of service | The overloading of the system so that it becomes unavailable. |
| Escalation of privilege | The unauthorised access to administrative functions of a system. |
| Physical security bypass | Unauthorised access to the physical device. This can include, for example, the ability to make physical connections to communication ports. |
| Social engineering | The manipulation of human actors causing them to compromise the normal operation of a system. |
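
One way to work through the checklist systematically, as an added example that is not part of the original page: each component of the system is assessed against all eight threat types, and any cell not yet assessed is reported as a gap. The `Worksheet` class, the component names and the findings are constructed for illustration.

```python
from itertools import product

# The eight threat types from the table above (STRIDE plus the two additions).
CATEGORIES = (
    "Spoofing identity", "Tampering", "Repudiation", "Information disclosure",
    "Denial of service", "Escalation of privilege",
    "Physical security bypass", "Social engineering",
)

class Worksheet:
    """Tracks which (component, threat type) cells an analyst has assessed."""

    def __init__(self, components):
        self.components = tuple(components)
        self.cells = {}  # (component, category) -> (applicable, note)

    def record(self, component, category, applicable, note):
        # Reject typos so a misspelt category cannot silently leave a gap.
        if component not in self.components:
            raise ValueError(f"unknown component: {component!r}")
        if category not in CATEGORIES:
            raise ValueError(f"unknown threat type: {category!r}")
        if not note.strip():
            raise ValueError("every decision needs a written justification")
        self.cells[(component, category)] = (applicable, note)

    def unassessed(self):
        """Cells nobody has looked at yet, in checklist order."""
        return [c for c in product(self.components, CATEGORIES) if c not in self.cells]

    def threats(self):
        """Cells judged applicable; these need a mitigation."""
        return sorted(k for k, (applicable, _) in self.cells.items() if applicable)

# Constructed sample system and findings, for illustration only.
def sample_worksheet():
    ws = Worksheet(["edge device", "cloud API"])
    ws.record("edge device", "Tampering", True, "firmware upload is not signature-checked")
    ws.record("edge device", "Physical security bypass", True, "debug port exposed on enclosure")
    ws.record("cloud API", "Physical security bypass", False, "hosted in provider data centre")
    return ws

if __name__ == "__main__":
    ws = sample_worksheet()
    print(f"{len(ws.unassessed())} of {len(ws.components) * len(CATEGORIES)} cells unassessed")
    for component, category in ws.unassessed():
        print(f"  TODO {component}: {category}")
```

Recording a "not applicable" decision with its reason counts as coverage, so the gap list shows only the cells that have never been considered.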