Threat modeling is the process used to identify security requirements by reviewing a diagram of the information technology architecture. The threat surface is the sum total of all the ways a threat can cross the boundary.
Step 1: Identify security objectives.
Step 2: Identify assets and external dependencies.
Step 3: Identify trust zones.
Step 4: Identify potential threats and vulnerabilities.
Step 5: Document your threat model.
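
The five steps above, applied to a small constructed architecture, as an added example that is not part of the original page. The component names, zones and flows are invented for illustration, and reading "the boundary" as the edge between two trust zones is an assumption of this example.

```python
"""Walk the five threat-modeling steps over a constructed architecture."""
from dataclasses import dataclass

# Step 1: security objectives (constructed sample values).
OBJECTIVES = ["confidentiality of customer records", "integrity of orders"]

# Steps 2 and 3: assets and external dependencies, each assigned a trust zone.
ZONES = {
    "browser": "internet",
    "payment-api": "internet",  # external dependency
    "web-app": "dmz",
    "orders-db": "internal",    # asset
}

@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    data: str

# Data flows read off the architecture diagram (constructed).
FLOWS = [
    Flow("browser", "web-app", "login form"),
    Flow("web-app", "orders-db", "SQL queries"),
    Flow("web-app", "payment-api", "card token"),
    Flow("browser", "payment-api", "hosted card form"),
]

def crossings(flows, zones):
    """Step 4 input: flows whose two endpoints sit in different trust zones."""
    unknown = {n for f in flows for n in (f.src, f.dst) if n not in zones}
    if unknown:
        # A component with no zone is a gap in the model, not a safe default.
        raise ValueError(f"no trust zone assigned: {sorted(unknown)}")
    return [f for f in flows if zones[f.src] != zones[f.dst]]

def document(flows, zones, objectives):
    """Step 5: render the model as plain text for review."""
    lines = ["Objectives: " + "; ".join(objectives), "Boundary crossings:"]
    for f in crossings(flows, zones):
        lines.append(f"  {f.src} [{zones[f.src]}] -> {f.dst} [{zones[f.dst]}]: {f.data}")
    return "\n".join(lines)

if __name__ == "__main__":
    print(document(FLOWS, ZONES, OBJECTIVES))
```

Each listed crossing is a place to ask what could go wrong in Step 4; the flow between two components in the same zone is left out because it crosses no boundary in this model.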