The elements are concrete: what needs protecting, from whom, what those adversaries can actually do, and what cost in convenience is acceptable. Tools come after those answers, matched to the observation points that matter.
The threat-model page on this site implements the mapping from situations to service categories, and the vetting guide documents the questions to ask of any single tool.