Model-based Risk Assessment (MBRA) is a risk assessment paradigm that emphasizes the use of rigorous models, analytics, and automated tools and best practices for the repeatable assessments of the cybersecurity of systems. MBRA is aligned with Model-Based Systems Engineering (MBSE) and emphasizes leveraging engineering models for the purposes of risk assessment. MBRA is also aligned with the NIST Risk Management Framework workflow and the Cybersecurity Framework. This presentation will discuss how to use MBRA with the Unified Architecture Framework (UAF) and SysML to identify, analyze, classify and understand cybersecurity threats and related risks. This assessment will help stakeholders determine where to focus mitigation efforts, budget and resources.