
Does block _implemented_ make sense? #22

Open
@hyakuhei

Description

What is the idea of a block? It's a compensating control intended to break a specific chain (path) in the attack tree.

The methodology for drawing attack trees is to first explore all the actions a bad-actor could perform, build that "attack-only" tree, then go back and fill in the tree with any Blocks that either exist today or that we think would be useful in the future.

When those blocks are added, I'm not sure it's useful to redraw the tree without the subsequent attacks... To illustrate:

[actor]->[throws rock]->[break window]->[access property]->[steal stuff]

If we add a block [unbreakable glass] should we insert it, with a visual cue that it's a block:

[actor]->[throws rock]--[**unbreakable glass**]--[break window]->[access property]->[steal stuff]

Or would it be better, if we are sure the block is 100% effective, to simply end the chain there?

[actor]->[throws rock]--[**unbreakable glass**]

I think probably the first option creates the better, simpler experience, it makes the attack trees more useful in the long term (what if it turns out unbreakable wasn't actually ... unbreakable, and we find out after the fact?) and doesn't undo the work that engineers put into building the diagram.

Currently Blocks have an "implemented" boolean. When true, they're drawn as a blue box and arrows don't change (that seems like a bug) - when false, they're drawn as a grey box with dashed arrows on entry and exit.

I think both types of "block" need to use dashed lines, after all, few are rarely 100% effective but it's important for someone looking to understand if a fix is implemented or not.

I think the only difference in rendering of an implemented or unimplemented Block should be the colour and shape of the drawn node, lines going in/out should be the same.
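
Added example, not part of the original issue or the project's code: a minimal sketch of the rendering rule proposed above, emitting Graphviz DOT for the rock/window chain. The `Node` class, the function names and the specific shapes and fill colours are assumptions made for illustration; only the blue/grey distinction and the dashed arrows come from the issue text.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Node:
    label: str
    kind: str = "action"        # "actor", "action" or "block"
    implemented: bool = False   # only meaningful when kind == "block"


def node_attrs(n: Node) -> str:
    """Colour and shape carry the implemented/unimplemented distinction."""
    if n.kind != "block":
        return "shape=box"
    if n.implemented:
        return "shape=box style=filled fillcolor=lightblue"   # assumed styling
    return "shape=octagon style=filled fillcolor=lightgrey"   # assumed styling


def edge_style(src: Node, dst: Node) -> str:
    """Edges entering or leaving a block are dashed, implemented or not."""
    return "dashed" if "block" in (src.kind, dst.kind) else "solid"


def to_dot(chain: list[Node]) -> str:
    """Render a linear attack path; later attack steps stay in the diagram."""
    lines = ["digraph attacktree {", "  rankdir=LR;"]
    for i, n in enumerate(chain):
        lines.append(f'  n{i} [label="{n.label}" {node_attrs(n)}];')
    for i in range(len(chain) - 1):
        style = edge_style(chain[i], chain[i + 1])
        lines.append(f"  n{i} -> n{i + 1} [style={style}];")
    lines.append("}")
    return "\n".join(lines)


def rock_chain(implemented: bool) -> list[Node]:
    """The chain from the issue, with the block inserted inline (option one)."""
    return [
        Node("actor", "actor"),
        Node("throws rock"),
        Node("unbreakable glass", "block", implemented),
        Node("break window"),
        Node("access property"),
        Node("steal stuff"),
    ]


if __name__ == "__main__":
    print(to_dot(rock_chain(implemented=True)))
```
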
