A threat model describes a given threat and the harm it could to do a system if it contains a vulnerability.