Effective Analysis of Attack Trees: A Model-Driven Approach

Rajesh Kumar, Stefano Schivo, Enno Jozef Johannes Ruijters, Bugra Mehmet Yildiz, David Julius Huistra, Jacco Brandt, Arend Rensink, Mariëlle Ida Antoinette Stoelinga

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    6 Citations (Scopus)
    139 Downloads (Pure)

    Abstract

    Attack trees (ATs) are a popular formalism for security analysis, and numerous variations and tools have been developed around them. These were mostly developed independently, and offer little interoperability or ability to combine various AT features.

    We present ATTop, a software bridging tool that enables automated analysis of ATs using a model-driven engineering approach. ATTop fulfills two purposes: 1. It facilitates interoperation between several AT analysis methodologies and resulting tools (e.g., ATE, ATCalc, ADTool 2.0), 2. it can perform a comprehensive analysis of attack trees by translating them into timed automata and analyzing them using the popular model checker Uppaal, and translating the analysis results back to the original ATs. Technically, our approach uses various metamodels to provide a unified description of AT variants. Based on these metamodels, we perform model transformations that allow to apply various analysis methods to an AT and trace the results back to the AT domain. We illustrate our approach on the basis of a case study from the AT literature.
    Original languageEnglish
    Title of host publicationProceedings of the 21st International Conference on Fundamental Approaches to Software Engineering (FASE 2018)
    EditorsAlessandra Russo, Andreas Schürr
    PublisherSpringer
    Pages56-73
    Number of pages18
    ISBN (Electronic)978-3-319-89363-1
    ISBN (Print)978-3-319-89362-4
    DOIs
    Publication statusPublished - Apr 2018
    Event21st International Conference on Fundamental Approaches to Software Engineering 2018 - Makedonia Palace, Thessaloniki, Greece
    Duration: 14 Apr 201820 Apr 2018
    Conference number: 21
    https://www.etaps.org/index.php/2018/fase

    Publication series

    NameLecture Notes in Computer Science
    PublisherSpringer
    Volume10802
    ISSN (Print)0302-9743

    Conference

    Conference21st International Conference on Fundamental Approaches to Software Engineering 2018
    Abbreviated titleFASE 2018
    CountryGreece
    CityThessaloniki
    Period14/04/1820/04/18
    Internet address

    Fingerprint

    Interoperability

    Cite this

    Kumar, R., Schivo, S., Ruijters, E. J. J., Yildiz, B. M., Huistra, D. J., Brandt, J., ... Stoelinga, M. I. A. (2018). Effective Analysis of Attack Trees: A Model-Driven Approach. In A. Russo, & A. Schürr (Eds.), Proceedings of the 21st International Conference on Fundamental Approaches to Software Engineering (FASE 2018) (pp. 56-73). (Lecture Notes in Computer Science; Vol. 10802). Springer. https://doi.org/10.1007/978-3-319-89363-1_4
    Kumar, Rajesh ; Schivo, Stefano ; Ruijters, Enno Jozef Johannes ; Yildiz, Bugra Mehmet ; Huistra, David Julius ; Brandt, Jacco ; Rensink, Arend ; Stoelinga, Mariëlle Ida Antoinette. / Effective Analysis of Attack Trees: A Model-Driven Approach. Proceedings of the 21st International Conference on Fundamental Approaches to Software Engineering (FASE 2018). editor / Alessandra Russo ; Andreas Schürr. Springer, 2018. pp. 56-73 (Lecture Notes in Computer Science).
    @inproceedings{7235bb74579e476183cb1f106e1d310c,
    title = "Effective Analysis of Attack Trees: A Model-Driven Approach",
    abstract = "Attack trees (ATs) are a popular formalism for security analysis, and numerous variations and tools have been developed around them. These were mostly developed independently, and offer little interoperability or ability to combine various AT features.We present ATTop, a software bridging tool that enables automated analysis of ATs using a model-driven engineering approach. ATTop fulfills two purposes: 1. It facilitates interoperation between several AT analysis methodologies and resulting tools (e.g., ATE, ATCalc, ADTool 2.0), 2. it can perform a comprehensive analysis of attack trees by translating them into timed automata and analyzing them using the popular model checker Uppaal, and translating the analysis results back to the original ATs. Technically, our approach uses various metamodels to provide a unified description of AT variants. Based on these metamodels, we perform model transformations that allow to apply various analysis methods to an AT and trace the results back to the AT domain. We illustrate our approach on the basis of a case study from the AT literature.",
    author = "Rajesh Kumar and Stefano Schivo and Ruijters, {Enno Jozef Johannes} and Yildiz, {Bugra Mehmet} and Huistra, {David Julius} and Jacco Brandt and Arend Rensink and Stoelinga, {Mari{\"e}lle Ida Antoinette}",
    year = "2018",
    month = "4",
    doi = "10.1007/978-3-319-89363-1_4",
    language = "English",
    isbn = "978-3-319-89362-4",
    series = "Lecture Notes in Computer Science",
    publisher = "Springer",
    pages = "56--73",
    editor = "Alessandra Russo and Andreas Sch{\"u}rr",
    booktitle = "Proceedings of the 21st International Conference on Fundamental Approaches to Software Engineering (FASE 2018)",

    }

    Kumar, R, Schivo, S, Ruijters, EJJ, Yildiz, BM, Huistra, DJ, Brandt, J, Rensink, A & Stoelinga, MIA 2018, Effective Analysis of Attack Trees: A Model-Driven Approach. in A Russo & A Schürr (eds), Proceedings of the 21st International Conference on Fundamental Approaches to Software Engineering (FASE 2018). Lecture Notes in Computer Science, vol. 10802, Springer, pp. 56-73, 21st International Conference on Fundamental Approaches to Software Engineering 2018, Thessaloniki, Greece, 14/04/18. https://doi.org/10.1007/978-3-319-89363-1_4

    Effective Analysis of Attack Trees: A Model-Driven Approach. / Kumar, Rajesh ; Schivo, Stefano ; Ruijters, Enno Jozef Johannes; Yildiz, Bugra Mehmet; Huistra, David Julius; Brandt, Jacco; Rensink, Arend ; Stoelinga, Mariëlle Ida Antoinette.

    Proceedings of the 21st International Conference on Fundamental Approaches to Software Engineering (FASE 2018). ed. / Alessandra Russo; Andreas Schürr. Springer, 2018. p. 56-73 (Lecture Notes in Computer Science; Vol. 10802).

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    TY - GEN

    T1 - Effective Analysis of Attack Trees: A Model-Driven Approach

    AU - Kumar, Rajesh

    AU - Schivo, Stefano

    AU - Ruijters, Enno Jozef Johannes

    AU - Yildiz, Bugra Mehmet

    AU - Huistra, David Julius

    AU - Brandt, Jacco

    AU - Rensink, Arend

    AU - Stoelinga, Mariëlle Ida Antoinette

    PY - 2018/4

    Y1 - 2018/4

    N2 - Attack trees (ATs) are a popular formalism for security analysis, and numerous variations and tools have been developed around them. These were mostly developed independently, and offer little interoperability or ability to combine various AT features.We present ATTop, a software bridging tool that enables automated analysis of ATs using a model-driven engineering approach. ATTop fulfills two purposes: 1. It facilitates interoperation between several AT analysis methodologies and resulting tools (e.g., ATE, ATCalc, ADTool 2.0), 2. it can perform a comprehensive analysis of attack trees by translating them into timed automata and analyzing them using the popular model checker Uppaal, and translating the analysis results back to the original ATs. Technically, our approach uses various metamodels to provide a unified description of AT variants. Based on these metamodels, we perform model transformations that allow to apply various analysis methods to an AT and trace the results back to the AT domain. We illustrate our approach on the basis of a case study from the AT literature.

    AB - Attack trees (ATs) are a popular formalism for security analysis, and numerous variations and tools have been developed around them. These were mostly developed independently, and offer little interoperability or ability to combine various AT features.We present ATTop, a software bridging tool that enables automated analysis of ATs using a model-driven engineering approach. ATTop fulfills two purposes: 1. It facilitates interoperation between several AT analysis methodologies and resulting tools (e.g., ATE, ATCalc, ADTool 2.0), 2. it can perform a comprehensive analysis of attack trees by translating them into timed automata and analyzing them using the popular model checker Uppaal, and translating the analysis results back to the original ATs. Technically, our approach uses various metamodels to provide a unified description of AT variants. Based on these metamodels, we perform model transformations that allow to apply various analysis methods to an AT and trace the results back to the AT domain. We illustrate our approach on the basis of a case study from the AT literature.

    U2 - 10.1007/978-3-319-89363-1_4

    DO - 10.1007/978-3-319-89363-1_4

    M3 - Conference contribution

    SN - 978-3-319-89362-4

    T3 - Lecture Notes in Computer Science

    SP - 56

    EP - 73

    BT - Proceedings of the 21st International Conference on Fundamental Approaches to Software Engineering (FASE 2018)

    A2 - Russo, Alessandra

    A2 - Schürr, Andreas

    PB - Springer

    ER -

    Kumar R, Schivo S, Ruijters EJJ, Yildiz BM, Huistra DJ, Brandt J et al. Effective Analysis of Attack Trees: A Model-Driven Approach. In Russo A, Schürr A, editors, Proceedings of the 21st International Conference on Fundamental Approaches to Software Engineering (FASE 2018). Springer. 2018. p. 56-73. (Lecture Notes in Computer Science). https://doi.org/10.1007/978-3-319-89363-1_4