Broadly considered a risk-centric framework, PASTA employs an attacker-centric standpoint to produce an asset-centric output in the form of threat enumeration and scoring. The basis node — the topmost parent inside the diagram — is the overall target of the attack. With the attack tree, risk modelers can see what https://www.researchgate.net/publication/365308473_Development_of_Cyber_Attack_Model_for_Private_Network
