"Elevation of Privilege (abbreviated "EoP") is a card game developed by Adam Shostack with assistance from many patient Microsoft developers, and is designed to provide a fun and educational introduction to the concepts and practice of Threat Modeling.
The basic gameplay is similar to that of many "trick-winning" card games, in which a player leads a card of a particular suit, and other players have to play a card that will match the suit, discard a card of a different suit, or play a card of the declared "trump" suit. The winner of the trick will be the player who plays the highest-value trump card, or if all players played cards from the same suit as the lead player, the player who plays the highest-value card from the led suit is the winner of the trick. The winner of each trick then leads for the next trick until all cards have been used.
EoP can be played with the goal of simply accruing tricks, and gaining points for each trick won in this manner - but the purpose of the game is to encourage the players to think of credible threats to an application design, so that these threats can be enumerated, analyzed and mitigated. To this end, the suits in the EoP deck are the six elements of the "STRIDE" framework of threats:
Play ends when other people want the conference room, when players get bored with the game, or when they decide that enough is enough, and they'll use the SDL threat modeling tool instead. This usually indicates that the player feels the cards are slowing down their ability to generate valid threats, or that the player's points score is so far behind everyone else's that it is impossible for them to win any more.
Cheating is encouraged.
Inventing new attacks is encouraged.
Setting fire to the cards and saying, "How's that for an Ace of Denial-of-Service?" is considered somewhat counter-productive."
You've got to love those last three lines... LOL. I wonder if there's a multiplayer WP7 app for this yet? :P
Here's a snap of the cards;
And the instructions;