At this stage, the focus is on understanding the life cycle of data as it flows through the system. This understanding allows us to identify vulnerable or weak points that must be addressed within the security architecture. To start, you must identify and document the entry points for data within the system. These points are typically sensors, gateways, or control and management computing resources.
Next, it is important to trace the flow of data from the entry points and document the various components that interact with that data throughout the system. Identify high-profile targets for attackers (these can be intermediate or top-level nodes of an attack tree)—these may be points within the system that aggregate ...