Threat Modeling DFD - Include in next layer RRS feed

  • Question

  • I am confused on how include in next layer is meant to be used.

    Imagine my high level context diagram is similar to the default one that comes up when you create a new diagram, except My Process is a multiple process.  When going to decompose My Process in a child diagram I have been selecting the user and two data flows and including them in the next layer. 

    When I try to flesh out the child diagram when I hook the user up to a new process it always says process has no connections.

    So, it would seem Include in next layer is not meant to be used that way.  Reading the manual again it seems to separate out two diagrams around the same central process, so really it is two diagrams at the same level.

    But what I do not understand is if I recreate the User and data flows then don't I have to duplicate my descriptions and mitigation's?

    Or am I way off base (I admit that I am far from a DFD expert).
    • Moved by Hengzhe Li Tuesday, June 21, 2011 12:22 PM Forum Consolidate (From:Microsoft Security Development Lifecycle (SDL) - Threat Modeling)
    Monday, January 12, 2009 8:09 PM