B7. Threat Model Living document mapping the system’s threat landscape using combined STRIDE, MITRE ATLAS, OWASP Top 10 for [LLM Applications 2025 v2.0, and PASTA frameworks. Each threat is mapped against system components and assessed for both technical severity and fundamental rights impact. Developed during Phase 3 architecture design using IriusRisk or OWASP Threat Dragon. Updated when the system architecture changes, new threat intelligence emerges, or post-market monitoring reveals new attack vectors. Responsible party: Technical SME drafts and maintains. Regulations addressed: Article 15 (cybersecurity); Article 9 (risk management); CRA Article 10 (cybersecurity requirements); NIS2 Article 21 (risk management measures). Key outputs

• Per-threat control mapping with residual risk
• Top-ten bow-tie diagrams
• Fundamental rights impact assessment per threat