**Schema proposal (high-level)**- id, version, metadata (author, created_at, repo_ref)- components: list { id, type, language, endpoints, data_classification }- flows: list { id, from, to, data, protocol, encryption }- trust_boundaries: list { id, members: [component_ids], description }- threats: list { id, title, description, likelihood (0-1), impact (1-5), score, mitigations: [mitigation_ids], tags }- mitigations: list { id, description, owner, priority, effort_hours, status, test_case_ids }- test_cases: list { id, description, type (unit/integration/pen-test), command, expected_result, automated: bool }**YAML example: payment API component**yaml
id: pm-api
type: service
language: python
endpoints:
- path: /charge
method: POST
data_classification: [card_holder, card_number_token]
**YAML example: threat + mitigation + test**yaml
threats:
- id: t1
title: "Card data exposure in transit"
description: "TLS misconfiguration allows MITM"
likelihood: 0.3
impact: 5
score: 1.5
mitigations: [m1]
mitigations:
- id: m1
description: "Enforce TLS1.2+, HSTS, cert pinning"
owner: security-team
effort_hours: 8
status: planned
test_case_ids: [tc1]
test_cases:
- id: tc1
description: "Automated TLS scanner against staging"
type: integration
command: "zgrab2 tls --host staging.pm-api.internal"
expected_result: "no weak ciphers, cert valid"
automated: true
**How schema enables automation, versioning, CI**- Machine-readable YAML allows static analyzers to compute risk scores (score = likelihood * impact) and produce alerts.- Linkable IDs (components ↔ threats ↔ mitigations ↔ tests) let CI run targeted checks (run tc1 when m1 changes).- Store in VCS: diffs provide audit trail; PRs validate schema with linters and policy-as-code (e.g., OPA) gates.- CI pipelines: on push run validators, risk regression tests, automated scanners, and fail PRs if new threats raise score above threshold.- Owners and effort_hours enable automated sprint ticketing, SLA checks, and SLO-driven prioritization.This schema is compact, supports tooling integration, and maps to security engineering workflows for automated detection, tracking, and remediation.