Sequential and Parallel Attack Tree Modelling

Florian Arnold, Dennis Guck, Rajesh Kumar, Mariëlle Stoelinga

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    14 Citations (Scopus)

    Abstract

    The intricacy of socio-technical systems requires a careful planning and utilisation of security resources to ensure uninterrupted, secure and reliable services. Even though many studies have been conducted to understand and model the behaviour of a potential attacker, the detection of crucial security vulnerabilities in such a system still provides a substantial challenge for security engineers. The success of a sophisticated attack crucially depends on two factors: the resources and time available to the attacker; and the stepwise execution of interrelated attack steps. This paper presents an extension of dynamic attack tree models by using both, the sequential and parallel behaviour of AND and OR-gates. Thereby we take great care to allow the modelling of any kind of temporal and stochastic dependencies which might occur in the model. We demonstrate the applicability on several case studies.
    Original languageEnglish
    Title of host publicationComputer Safety, Reliability, and Security
    Subtitle of host publicationSAFECOMP 2015 Workshops, ASSURE, DECSoS. ISSE, ReSA4CI, and SASSUR, Delft, The Netherlands, September 22, 2015, Proceedings
    EditorsFloor Koornneef, Coen van Gulijk
    Place of PublicationCham
    PublisherSpringer
    Pages291-299
    Number of pages9
    ISBN (Electronic)978-3-319-24249-1
    ISBN (Print)978-3-319-24248-4
    DOIs
    Publication statusPublished - Sep 2015
    Event34th International Conference on Computer Safety, Reliability, and Security, SAFECOMP 2015 - Delft, Netherlands
    Duration: 22 Sep 201522 Sep 2015
    Conference number: 34
    http://safecomp2015.tudelft.nl/

    Publication series

    NameLecture Notes in Computer Science
    PublisherSpringer
    Volume9338
    ISSN (Print)0302-9743
    ISSN (Electronic)1611-3349

    Conference

    Conference34th International Conference on Computer Safety, Reliability, and Security, SAFECOMP 2015
    Abbreviated titleSAFECOMP
    CountryNetherlands
    CityDelft
    Period22/09/1522/09/15
    Internet address

    Keywords

    • EC Grant Agreement nr.: FP7/318003
    • EWI-26252
    • EC Grant Agreement nr.: FP7/2007-2013
    • SEQ-OR
    • METIS-312708
    • IR-97256
    • Case Studies
    • Markov Automata
    • Attack Tree
    • Security analysis
    • Sequential and parallel

    Fingerprint Dive into the research topics of 'Sequential and Parallel Attack Tree Modelling'. Together they form a unique fingerprint.

  • Cite this

    Arnold, F., Guck, D., Kumar, R., & Stoelinga, M. (2015). Sequential and Parallel Attack Tree Modelling. In F. Koornneef, & C. van Gulijk (Eds.), Computer Safety, Reliability, and Security: SAFECOMP 2015 Workshops, ASSURE, DECSoS. ISSE, ReSA4CI, and SASSUR, Delft, The Netherlands, September 22, 2015, Proceedings (pp. 291-299). (Lecture Notes in Computer Science; Vol. 9338). Cham: Springer. https://doi.org/10.1007/978-3-319-24249-1_25