Attack time analysis in dynamic attack trees via integer linear programming

Milan Lopuhaä-Zwakenberg*, Mariëlle Stoelinga

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

1 Downloads (Pure)


Attack trees (ATs) are an important tool in security analysis, and an important part of AT analysis is computing metrics. However, metric computation is NP-complete in general. In this paper, we showcase the use of mixed integer linear programming (MILP) as a tool for quantitative analysis. Specifically, we use MILP to solve the open problem of calculating the min time metric of dynamic ATs, i.e., the minimal time to attack a system. We also present two other tools to further improve our MILP method: First, we show how the computation can be sped up by identifying the modules of an AT, i.e. subtrees connected to the rest of the AT via only one node. Second, we define a general semantics for dynamic ATs that significantly relaxes the restrictions on attack trees compared to earlier work, allowing us to apply our methods to a wide variety of ATs. Experiments on a synthetic testing set of large ATs verify that both the integer linear programming approach and modular analysis considerably decrease the computation time of attack time analysis.
Original languageEnglish
Title of host publicationSoftware Engineering and Formal Methods
Subtitle of host publication21st International conference, SEFM 2023 Eindhoven, The Netherlands, November 6-10, 2023 Proceedings
EditorsCarla Ferreira, Tim A.C. Willemse
ISBN (Electronic)978-3-031-47115-5
ISBN (Print)978-3-031-47114-8
Publication statusE-pub ahead of print/First online - 31 Oct 2023

Publication series

NameLecture Notes in Computer Science


  • 2024 OA procedure


Dive into the research topics of 'Attack time analysis in dynamic attack trees via integer linear programming'. Together they form a unique fingerprint.

Cite this