What’s New

AttackTree 5.0.1

AttackTree 5.0.1 includes the following new features:

  • A requirements analysis may now be performed for an attack tree gate. A requirements analysis determines the path sets for the gate and determines which requirements have been assigned to each event path.
  • Requirements may now be assigned to gates and primary events in an attack tree. Requirements assigned to gates may also be assigned an event path.

AttackTree 5.0

AttackTree 5.0 includes the following new features:

  • Cyber security assurance levels (CAL) are now calculated for threats and assets based on the attack
    vector specified for each threat. Consequence CAL values may be specified in the Consequence
    dialog, ISO 21434 tab, for each attack vector option.
  • Two project options have been added to allow users to synchronize indicator values and consequence
    selections for threats associated with a data link to an attack tree gate in the same project.
  • Users may now select auto-assign for a consequence category in the threat analysis module. This has
    the effect of summating the weights of other categories to determine which consequence to assign (for
    the auto-assign category). This allows compliance with the HEAVENS standard method of determining
    impact levels.
  • Phrase tables may now be constructed in the threat analysis module. Phrases apply to asset/threat
    description and custom text fields.
  • Import/Export to Excel spreadsheets now refreshes column names in dialog when user selects
    ‘Column names in first row’ after selecting file name.
  • e-Help has been added in addition to chm help.
  • A new improved Enterprise interface has been implemented.
  • Project files differencing has been added (Tools menu).
  • PDF reports diagram page links have been implemented.
  • Grid layout filters now allow users to enter a SQL where clause.
  • Memo text field lengths have been extended in length from 2000 to 40000 characters.
  • Diagram draw speeds were very slow if long descriptions are used for double-byte character strings
    (Chinese, Japanese etc.). This was due to inefficiencies in the Microsoft MeasureString method. A new
    option has been added to the project options ‘Fonts’ tab allowing precise fitting (the slower method) to
    be switched off (the default) for double-byte languages.

AttackTree 4.0

AttackTree 4.0 includes the following new features:

  • AttackTree now provides the framework for threat modelling, performing threat analysis and risk assessment according to well known standards such as J3061 and ISO-26262. Users may also customize the analysis using their own consequence categories and severity weightings, likelihood categories and risk levels.
  • Indicator values can now be displayed in gate, consequence, and risk category cut set reports.
  • Indicator options have been added in addition to indicator values.
  • Plugins may now perform analyses so long as the appropriate module licence is available.
  • Plugins will now automatically reference the calling .Net assembly.

AttackTree 3.0.1

AttackTree 3.0.1 includes the following new features:

  • The report database is now based on the SQL Server LocalDB database engine instead of SQL Server Compact. This technology provides the following benefits: 1) an increase in the maximum database size from 4 GB to 10 GB, 2) Complex SQL queries are processed much faster (orders of magnitude in some cases), and 3) full SQL Server Transact-SQL syntax is supported.
  • Users may now optionally remove phonetics when importing from an Excel spreadsheet. The appropriate option needs to be set in the Application Options dialog, Import tab.
  • The time taken to repaginate text column reports has been reduced by a factor of 2 to 3 in some circumstances.
  • The time taken to page through text column reports has been significantly reduced
  • The time taken to publish PDF and Word text column reports has been significantly reduced.
  • A feature has been added allowing the user to syntax check and format SQL queries in the report designer SQL Query Wizard.

 AttackTree 3.0

AttackTree 3.0 includes the following new features:

  • A ‘Mitigation Tree’ module has been added allowing users to model the effects of mitigation factors on consequences.
  • Tool tips have been added to list controls in the Grid Layouts dialog (General tab) to identifier the field ID.
  • Database ‘integer’ import fields may now be matched to ‘double’ application fields.
  • Reports can now be displayed in full screen mode.
  • The Status tab of the license activation dialog now has an option to show all, active, expired or broken license entitlements.
  • The licence status text on the Status tab of the License Activation dialog can now be copied to the clipboard.
  • The activation and fulfillment id's on the Return tab of the License Activation dialog can now be copied to the clipboard. The feature is intended to help when re-hosting licenses. It allows users to make a record of the activation id's prior to returning their licenses and then use this information when activating on the new host.

AttackTree 2.0

64-bit Application

AttackTree 2.0 runs as a 64-bit application allowing much larger models to be analyzed than in previous 32-bit versions.

Please note that AttackTree  2.0 requires a 64-bit operating system.

Enterprise Version

The Isograph Enterprise System provides the framework for controlling multi-user project and library access through a central database system. Access rights to projects, libraries and administrative functions are controlled through user permissions. This allows an organization to:

  • Assign administrators to organize access rights to groups of users
  • Build a centralized hierarchy to organize projects and libraries
  • Restrict access to projects and libraries where necessary
  • Control the check-in and check-out of projects for modification
  • Track the current projects that are checked-out to users
  • Provide version control of projects and libraries

Enhanced Grid View

The new grid view allows access to data tables making up an AttackTree project. Users may now construct their own custom grid layouts using filter and sort facilities and take advantage of the extensive Find and Replace functionality.

Enhanced Library Facilities

Users may now attach multiple libraries when editing the current AttackTree project. Users can construct libraries of different types of data and concurrently access the data from different libraries. Data may be dragged from a library onto the appropriate node in the project tree control.

Report Designer

The Report Designer has been enhanced and extended to provide export and publishing facilities in Word and PDF format. Wizards are provided for report creation


Import and export facilities have been improved to include the latest versions of Excel and Access. SQL Server import and export is now possible.

Diagram Notes and Hyperlinks

Notes and hyperlinks may now be added directly to the AttackTree diagram. Note text and hyperlinks may be displayed by hovering the mouse cursor over the appropriate symbol in the diagram.

Spelling Checker

The new spelling checker allows users to check selected tables or the entire project for spelling errors.


If you are licensed to use the new Plugins facility you will be able to create programmable plugins that read, analyze and modify data from the current AttackTree project. Plugins may be used to create specialized reports, perform specialized operations or conversions, modify project data and call external libraries or processes. A plugin may be exported for use by other users.

Application Programming Interface (API)

A new and rich API (Application Programming Interface) has been added allowing .Net programmers to quickly build interfaces to other applications. All the standard project tables may now be accessed through the Dynamic Link Library (DLL) facility. The AttackTree  DLL enables users to seamlessly link their databases or external applications to AttackTree projects. For example, the DLL may be used to create a custom link from a database for importing parts data into a AttackTree  project.