Parametric analyses of attack-fault trees
From MaRDI portal
Publication:5025035
Abstract: Risk assessment of cyber-physical systems, such as power plants, connected devices and IT-infrastructures has always been challenging: safety (i.e. absence of unintentional failures) and security (i.e. no disruptions due to attackers) are conditions that must be guaranteed. One of the traditional tools used to help considering these problems is attack trees, a tree-based formalism inspired by fault trees, a well-known formalism used in safety engineering. In this paper we define and implement the translation of attack-fault trees (AFTs) to a new extension of timed automata, called parametric weighted timed automata. This allows us to parametrize constants such as time and discrete costs in an AFT and then, using the model-checker IMITATOR, to compute the set of parameter values such that a successful attack is possible. Using the different sets of parameter values computed, different attack and fault scenarios can be deduced depending on the budget, time or computation power of the attacker, providing helpful data to select the most efficient counter-measure.
Recommendations
Cites work
- scientific article; zbMATH DE number 1794367 (Why is no real title available?)
- A theory of timed automata
- AN INVERSE METHOD FOR PARAMETRIC TIMED AUTOMATA
- Attack-defense trees
- DAG-based attack and defense modeling: don't miss the forest for the attack trees
- Fault tree analysis: a survey of the state-of-the-art in modeling, analysis and tools
- Modelling attack-defense trees using timed automata
- On quantitative analysis of attack-defense trees with repeated labels
- Optimal paths in weighted timed automata
- Parametric real-time reasoning
- Quantitative attack tree analysis via priced timed automata
- Statistical Model Checking for Networks of Priced Timed Automata
- Stochastic model checking. Rigorous dependability analysis using model checking techniques for stochastic systems. International autumn school, ROCKS 2012, Vahrn, Italy, October 22--26, 2012. Advanced lectures
- Timed verification of the generic architecture of a memory circuit using parametric timed automata
Cited in
(7)- Attack trees vs. fault trees: two sides of the same coin from different currencies
- \textsf{IMITATOR} 3: synthesis of timing parameters beyond decidability
- Assessing security of cryptocurrencies with attack-defense trees: proof of concept and future directions
- Fault-tree modelling of computer system security
- Quantitative attack tree analysis via priced timed automata
- Modelling attack-defense trees using timed automata
- Critical-time metric for risk analysis against sharp input anomalies: computation and application case study
This page was built for publication: Parametric analyses of attack-fault trees
Report a bug (only for logged in users!)Click here to report a bug for this page (MaRDI item Q5025035)
