What's the use of size attribute for technical assets?

[chujiaoma]

Hi, I've been looking through the code and some attributes, like protocol, are used in functions that are in the logic for different risks. But for size of technical asset (system, service, application, component), I can't find them being used anywhere. I see them declared in different technical assets in the add-build-pipeline-macro.go and add-vault-macro.go but don't see them used in code or impact threats in anyway? Any advice appreciated. Thanks!

[klahnen]

Hi, when I use threagile use size like this:

• application: is a set including your frontend system, backend system.
• system: is a set including many parts that work together for 1 specific purpose. For example: Authentication System (frontend login page + backend authentication service)
• service: is just an specific backend service as backend authentication service.
• component: I'm saving this one for smaller pieces inside a service or a system. For example: Login-Form-Component or ServiceLoggingComponent.

Hope that helps :)