Quantitative security and safety analysis with attack-fault trees

    Research output: Chapter in Book/Report/Conference proceeding, Conference contribution, Academic, peer-review

    87 Citations (Scopus)
    1761 Downloads (Pure)

    Abstract

    Cyber physical systems, like power plants, medical devices and data centers, have to meet high standards, both in terms of safety (i.e. absence of unintentional failures) and security (i.e. no disruptions due to malicious attacks). This paper presents attack fault trees (AFTs), a formalism that marries fault trees (safety) and attack trees (security). We equip AFTs with stochastic model checking techniques, enabling a rich plethora of qualitative and quantitative analyses. Qualitative metrics pinpoint the root causes of the system failure, while quantitative metrics concern the likelihood, cost, and impact of a disruption. Examples are: (1) the most likely attack path; (2) the most costly system failure; (3) the expected impact of an attack. Each of these metrics can be constrained, i.e., we can provide the most likely disruption within time t and/or budget B. Finally, we can use sensitivity analysis to find the attack step that has the most influence on a given metric. We demonstrate our approach through three realistic case studies.
    Original language: English
    Title of host publication: Proceedings of the 18th IEEE International Symposium on High Assurance Systems Engineering (HASE 2017)
    Publisher: IEEE
    Pages: 25-32
    Number of pages: 8
    ISBN (Electronic): 978-1-5090-4636-2
    ISBN (Print): 978-1-5090-4637-9
    Publication status: Published - 12 Jan 2017
    Event: 18th IEEE International Symposium on High Assurance Systems Engineering, HASE 2017 - Singapore, Singapore
    Duration: 12 Jan 2017 to 14 Jan 2017
    Conference number: 18

    Publication series

    Name: HASE
    Publisher: IEEE
    ISSN (Print): 1530-2059

    Conference

    Conference: 18th IEEE International Symposium on High Assurance Systems Engineering, HASE 2017
    Abbreviated title: HASE
    Country/Territory: Singapore
    City: Singapore
    Period: 12/01/17 to 14/01/17

    Keywords

    • Multi parameter attack trees
    • Quantitative analysis
    • Safety and security modelling
    • Stochastic model checking
    • EC Grant Agreement nr.: FP7/318003
    • EC Grant Agreement nr.: FP7/2007-2013
