Attack Trees with Sequential Conjunction

Ravi Jhawar, Barbara Kordy, Sjouke Mauw, Sasa Radomirović, Rolando Trujillo-Rasua

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    48 Citations (Scopus)


    We provide the first formal foundation of SAND attack trees which are a popular extension of the well-known attack trees. The SAND at- tack tree formalism increases the expressivity of attack trees by intro- ducing the sequential conjunctive operator SAND. This operator enables the modeling of ordered events. We give a semantics to SAND attack trees by interpreting them as sets of series-parallel graphs and propose a complete axiomatization of this semantics. We define normal forms for SAND attack trees and a term rewriting system which allows identification of semantically equivalent trees. Finally, we formalize how to quantitatively analyze SAND attack trees using attributes.
    Original languageEnglish
    Title of host publicationInternational Conference on ICT Systems Security and Privacy Protection (IFIPSEC)
    Place of PublicationLondon
    Number of pages14
    ISBN (Print)978-3-319-18466-1
    Publication statusPublished - 26 May 2015
    EventInternational Conference on ICT Systems Security and Privacy Protection, IFIPSEC 2015 - Hamburg, Germany
    Duration: 26 May 201528 May 2015

    Publication series

    NameIFIP Advances in Information and Communication Technology


    ConferenceInternational Conference on ICT Systems Security and Privacy Protection, IFIPSEC 2015
    Other26-28 May 2015


    • METIS-312581
    • IR-95794
    • EWI-25978
    • EC Grant Agreement nr.: FP7/2007-2013
    • EC Grant Agreement nr.: FP7/318003

    Fingerprint Dive into the research topics of 'Attack Trees with Sequential Conjunction'. Together they form a unique fingerprint.

    Cite this