Querying Fault and Attack Trees: Property Specification on a Water Network

Stefano M. Nicoletti; Milan Lopuhaä-Zwakenberg; E. Moritz Hahn; Mariëlle Stoelinga

doi:10.1109/RAMS51492.2024.10457796

Querying Fault and Attack Trees: Property Specification on a Water Network

Stefano M. Nicoletti, Milan Lopuhaä-Zwakenberg, E. Moritz Hahn, Mariëlle Stoelinga

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

1 Downloads (Pure)

Abstract

We provide an overview of three different query languages whose objective is to specify properties on the highly popular formalisms of fault trees (FTs) and attack trees (ATs). These are BFL, a Boolean Logic for FTs, PFL, a probabilistic extension of BFL and ATM, a logic for security metrics on ATs. We validate the framework composed by these three logics by applying them to the case study of a water distribution network. We extend the FT for this network - found in the literature - and we propose to model the system under analysis with the Fault Trees/Attack Trees (FT/ATs) formalism, combining both FTs and ATs in a unique model. Furthermore, we propose a novel combination of the showcased logics to account for queries that jointly consider both the FT and the AT of the model, integrating influences of attacks on failure probabilities of different components. Finally, we extend the domain specific language for PFL with novel constructs to capture the interplay between metrics of attacks - e.g., 'cost', success probabilities - and failure probabilities in the system.

Original language	English
Title of host publication	2024 Annual Reliability and Maintainability Symposium (RAMS)
Publisher	IEEE
Number of pages	6
ISBN (Electronic)	979-8-3503-0769-6
ISBN (Print)	979-8-3503-0770-2
DOIs	https://doi.org/10.1109/RAMS51492.2024.10457796
Publication status	Published - 2024
Event	70th Annual Reliability and Maintainability Symposium, RAMS 2024 - Albuquerque, United States Duration: 22 Jan 2024 → 25 Jan 2024 Conference number: 70

Publication series

Name	Proceedings, Annual Reliability and Maintainability Symposium
ISSN (Print)	0149-144X
ISSN (Electronic)	2577-0993

Conference

Conference	70th Annual Reliability and Maintainability Symposium, RAMS 2024
Abbreviated title	RAMS 2024
Country/Territory	United States
City	Albuquerque
Period	22/01/24 → 25/01/24

Keywords

2024 OA procedure
case study analysis
fault tree analysis
fault trees
logic
property specification
attack trees

Access to Document

10.1109/RAMS51492.2024.10457796

ArticleFinal published version, 709 KBLicence: Taverne

Cite this

@inproceedings{b2f86cc5b8b44f5f8cb95a7788adfca8,

title = "Querying Fault and Attack Trees: Property Specification on a Water Network",

abstract = "We provide an overview of three different query languages whose objective is to specify properties on the highly popular formalisms of fault trees (FTs) and attack trees (ATs). These are BFL, a Boolean Logic for FTs, PFL, a probabilistic extension of BFL and ATM, a logic for security metrics on ATs. We validate the framework composed by these three logics by applying them to the case study of a water distribution network. We extend the FT for this network - found in the literature - and we propose to model the system under analysis with the Fault Trees/Attack Trees (FT/ATs) formalism, combining both FTs and ATs in a unique model. Furthermore, we propose a novel combination of the showcased logics to account for queries that jointly consider both the FT and the AT of the model, integrating influences of attacks on failure probabilities of different components. Finally, we extend the domain specific language for PFL with novel constructs to capture the interplay between metrics of attacks - e.g., 'cost', success probabilities - and failure probabilities in the system.",

keywords = "2024 OA procedure, case study analysis, fault tree analysis, fault trees, logic, property specification, attack trees",

author = "Nicoletti, {Stefano M.} and Milan Lopuha{\"a}-Zwakenberg and Hahn, {E. Moritz} and Mari{\"e}lle Stoelinga",

note = "Publisher Copyright: {\textcopyright} 2024 IEEE.; 70th Annual Reliability and Maintainability Symposium, RAMS 2024, RAMS 2024 ; Conference date: 22-01-2024 Through 25-01-2024",

year = "2024",

doi = "10.1109/RAMS51492.2024.10457796",

language = "English",

isbn = "979-8-3503-0770-2",

series = "Proceedings, Annual Reliability and Maintainability Symposium",

publisher = "IEEE",

booktitle = "2024 Annual Reliability and Maintainability Symposium (RAMS)",

address = "United States",

}

Nicoletti, SM , Lopuhaä-Zwakenberg, M, Hahn, EM & Stoelinga, M 2024, Querying Fault and Attack Trees: Property Specification on a Water Network. in 2024 Annual Reliability and Maintainability Symposium (RAMS). Proceedings, Annual Reliability and Maintainability Symposium, IEEE, 70th Annual Reliability and Maintainability Symposium, RAMS 2024, Albuquerque, United States, 22/01/24. https://doi.org/10.1109/RAMS51492.2024.10457796

Querying Fault and Attack Trees: Property Specification on a Water Network. / Nicoletti, Stefano M.; Lopuhaä-Zwakenberg, Milan; Hahn, E. Moritz et al.
2024 Annual Reliability and Maintainability Symposium (RAMS). IEEE, 2024. (Proceedings, Annual Reliability and Maintainability Symposium).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Querying Fault and Attack Trees

T2 - 70th Annual Reliability and Maintainability Symposium, RAMS 2024

AU - Nicoletti, Stefano M.

AU - Lopuhaä-Zwakenberg, Milan

AU - Hahn, E. Moritz

AU - Stoelinga, Mariëlle

N1 - Conference code: 70

PY - 2024

Y1 - 2024

N2 - We provide an overview of three different query languages whose objective is to specify properties on the highly popular formalisms of fault trees (FTs) and attack trees (ATs). These are BFL, a Boolean Logic for FTs, PFL, a probabilistic extension of BFL and ATM, a logic for security metrics on ATs. We validate the framework composed by these three logics by applying them to the case study of a water distribution network. We extend the FT for this network - found in the literature - and we propose to model the system under analysis with the Fault Trees/Attack Trees (FT/ATs) formalism, combining both FTs and ATs in a unique model. Furthermore, we propose a novel combination of the showcased logics to account for queries that jointly consider both the FT and the AT of the model, integrating influences of attacks on failure probabilities of different components. Finally, we extend the domain specific language for PFL with novel constructs to capture the interplay between metrics of attacks - e.g., 'cost', success probabilities - and failure probabilities in the system.

AB - We provide an overview of three different query languages whose objective is to specify properties on the highly popular formalisms of fault trees (FTs) and attack trees (ATs). These are BFL, a Boolean Logic for FTs, PFL, a probabilistic extension of BFL and ATM, a logic for security metrics on ATs. We validate the framework composed by these three logics by applying them to the case study of a water distribution network. We extend the FT for this network - found in the literature - and we propose to model the system under analysis with the Fault Trees/Attack Trees (FT/ATs) formalism, combining both FTs and ATs in a unique model. Furthermore, we propose a novel combination of the showcased logics to account for queries that jointly consider both the FT and the AT of the model, integrating influences of attacks on failure probabilities of different components. Finally, we extend the domain specific language for PFL with novel constructs to capture the interplay between metrics of attacks - e.g., 'cost', success probabilities - and failure probabilities in the system.

KW - 2024 OA procedure

KW - case study analysis

KW - fault tree analysis

KW - fault trees

KW - logic

KW - property specification

KW - attack trees

UR - http://www.scopus.com/inward/record.url?scp=85189287748&partnerID=8YFLogxK

U2 - 10.1109/RAMS51492.2024.10457796

DO - 10.1109/RAMS51492.2024.10457796

M3 - Conference contribution

AN - SCOPUS:85189287748

SN - 979-8-3503-0770-2

T3 - Proceedings, Annual Reliability and Maintainability Symposium

BT - 2024 Annual Reliability and Maintainability Symposium (RAMS)

PB - IEEE

Y2 - 22 January 2024 through 25 January 2024

ER -

Querying Fault and Attack Trees: Property Specification on a Water Network

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

If a Tree Falls in the Forest: Risk Logics for Safety-Security Analysis

Cite this