I've been reading a set of posts by Larry (who used to work just down the hall from me...) on threat modeling that I've been too lazy to link to, but now there's a summary post up there to reduce my effort.

Threat Modeling