Parametric analyses of attack-fault trees
From MaRDI portal
Publication:5025035
DOI10.3233/FI-2021-2066zbMATH Open1491.68034arXiv1902.04336MaRDI QIDQ5025035FDOQ5025035
Authors: Étienne André, Didier Lime, Mathias Ramparison, Mariëlle I. A. Stoelinga 
Publication date: 1 February 2022
Published in: Fundamenta Informaticae (Search for Journal in Brave)
Abstract: Risk assessment of cyber-physical systems, such as power plants, connected devices and IT-infrastructures has always been challenging: safety (i.e. absence of unintentional failures) and security (i.e. no disruptions due to attackers) are conditions that must be guaranteed. One of the traditional tools used to help considering these problems is attack trees, a tree-based formalism inspired by fault trees, a well-known formalism used in safety engineering. In this paper we define and implement the translation of attack-fault trees (AFTs) to a new extension of timed automata, called parametric weighted timed automata. This allows us to parametrize constants such as time and discrete costs in an AFT and then, using the model-checker IMITATOR, to compute the set of parameter values such that a successful attack is possible. Using the different sets of parameter values computed, different attack and fault scenarios can be deduced depending on the budget, time or computation power of the attacker, providing helpful data to select the most efficient counter-measure.
Full work available at URL: https://arxiv.org/abs/1902.04336
Recommendations
Cites Work
- A theory of timed automata
- DAG-based attack and defense modeling: don't miss the forest for the attack trees
- Attack-defense trees
- AN INVERSE METHOD FOR PARAMETRIC TIMED AUTOMATA
- Parametric real-time reasoning
- Statistical Model Checking for Networks of Priced Timed Automata
- Optimal paths in weighted timed automata
- Title not available (Why is that?)
- Stochastic model checking. Rigorous dependability analysis using model checking techniques for stochastic systems. International autumn school, ROCKS 2012, Vahrn, Italy, October 22--26, 2012. Advanced lectures
- Timed verification of the generic architecture of a memory circuit using parametric timed automata
- On quantitative analysis of attack-defense trees with repeated labels
- Fault tree analysis: a survey of the state-of-the-art in modeling, analysis and tools
- Quantitative attack tree analysis via priced timed automata
- Modelling attack-defense trees using timed automata
Cited In (7)
- Attack trees vs. fault trees: two sides of the same coin from different currencies
- \textsf{IMITATOR} 3: synthesis of timing parameters beyond decidability
- Assessing security of cryptocurrencies with attack-defense trees: proof of concept and future directions
- Fault-tree modelling of computer system security
- Quantitative attack tree analysis via priced timed automata
- Modelling attack-defense trees using timed automata
- Critical-time metric for risk analysis against sharp input anomalies: computation and application case study
Uses Software
This page was built for publication: Parametric analyses of attack-fault trees
Report a bug (only for logged in users!)Click here to report a bug for this page (MaRDI item Q5025035)
