Jean-Marie Kabasele Tenday , University ND Kasayi(UKA), DR Congo

Traditional threat modeling techniques often focus on theoretical or system-specific threats without grounding them in empirical adversarial behavior. Conversely, frameworks such as MITRE ATT&CK provide rich, intelligence-based taxonomies of real-world attacker tactics, techniques, and procedures (TTPs), but are rarely integrated into early software design phases. This paper proposes a methodology for linking misuse cases—UML-based representations of malicious system interactions—with MITRE ATT&CK techniques, enabling traceability between system-level threats and empirically observed attacks. The proposed framework enhances the relevance, completeness, and operational value of misuse case–based threat modeling. A structured mapping template and example implementation demonstrate how software architects can enrich their security design processes using ATT&CK-informed misuse cases

Misuse case, MITRE ATT&CK, Threat Analysis, Threat Modeling, Cybersecurity, Secure Design.