English
Related papers

Related papers: Attack Trees in Isabelle

200 papers

Attack trees are a popular way to represent and evaluate potential security threats on systems or infrastructures. The goal of this work is to provide a framework allowing to express and check whether an attack tree is consistent with the…

Cryptography and Security · Computer Science 2018-02-12 Maxime Audinot , Sophie Pinchinat , Barbara Kordy

In this paper we present an efficient approach to implementing model checking in the Higher Order Logic (HOL) of Isabelle. This is a non-trivial task since model checking is restricted to finite state sets. By restricting our scope to…

Logic in Computer Science · Computer Science 2024-01-01 Florian Kammüller

Attack trees are considered a useful tool for security modelling because they support qualitative as well as quantitative analysis. The quantitative approach is based on values associated to each node in the tree, expressing, for instance,…

Cryptography and Security · Computer Science 2019-01-11 Ahto Buldas , Olga Gadyatskaya , Aleksandr Lenin , Sjouke Mauw , Rolando Trujillo-Rasua

In security analysis, attack trees are a major tool for showing the structural decomposition of attacks and for supporting the evaluation of the quantitative properties (called attributes) of the attacks. However, the validities of…

Cryptography and Security · Computer Science 2022-04-14 Hideaki Nishihara , Yasuyuki Kawanishi , Daisuke Souma , Hirotaka Yoshida

In this paper, we propose the use of interactive theorem proving for explainable machine learning. After presenting our proposition, we illustrate it on the dedicated application of explaining security attacks using the Isabelle…

Software Engineering · Computer Science 2022-01-03 Florian Kammüller

Attack-defense trees are a novel methodology for graphical security modeling and assessment. The methodology includes visual, intuitive tree models whose analysis is supported by a rigorous mathematical formalism. Both, the intuitive and…

Cryptography and Security · Computer Science 2012-10-31 Barbara Kordy , Sjouke Mauw , Patrick Schweitzer

Attack Trees are a graphical model of security used to study threat scenarios. While visually appealing and supported by solid theories and effective tools, one of their main drawbacks remains the amount of effort required by security…

Cryptography and Security · Computer Science 2024-09-13 Alyzia-Maria Konsta , Gemma Di Federico , Alberto Lluch Lafuente , Andrea Burattin

In this paper, we introduce a process of formal system development supported by interactive theorem proving in a dedicated Isabelle framework. This Isabelle Infrastructure framework implements specification and verification in a cyclic…

Software Engineering · Computer Science 2021-12-09 Florian Kammüller

Attack trees and attack graphs are both common graphical threat models used by organizations to better understand possible cybersecurity threats. These models have been primarily seen as separate entities, to be used and researched in…

Cryptography and Security · Computer Science 2021-10-07 Nathan Daniel Schiele , Olga Gadyatskaya

Isabelle is an interactive theorem prover that supports a variety of logics. It represents rules as propositions (not as functions) and builds proofs by combining rules. These operations constitute a meta-logic (or `logical framework') in…

Logic in Computer Science · Computer Science 2009-09-25 Lawrence C. Paulson

Model execution allows us to prototype and analyse software engineering models by stepping through their possible behaviours, using techniques like animation and simulation. On the other hand, deductive verification allows us to construct…

Logic in Computer Science · Computer Science 2024-10-31 Simon Foster , Chung-Kil Hur , Jim Woodcock

Isabelle is a generic theorem prover, designed for interactive reasoning in a variety of formal theories. At present it provides useful proof procedures for Constructive Type Theory, various first-order logics, Zermelo-Fraenkel set theory,…

Logic in Computer Science · Computer Science 2008-02-03 Lawrence C. Paulson

CONTEXT. Attack treesare a recommended threat modeling tool, but there is no established method to compare them. OBJECTIVE. We aim to establish a method to compare "real" attack trees, based on both the structure of the tree itself and the…

Cryptography and Security · Computer Science 2025-03-05 Nathan D. Schiele , Olga Gadyatskaya

In this paper we introduce a new logical foundation of SAND attack trees in intuitionistic linear logic. This new foundation is based on a new logic called the Attack Tree Linear Logic (ATLL). Before introducing ATLL we given several new…

Logic in Computer Science · Computer Science 2018-01-23 Harley Eades

In this paper, we show a security engineering process based on a formal notion of refinement fully formalized in the proof assistant Isabelle. This Refinement-Risk Cycle focuses on attack analysis and security refinement supported by…

Cryptography and Security · Computer Science 2020-01-27 Florian Kammüller

Attack Trees (ATs) are a widely used tool for security analysis. ATs can be employed in quantitative security analysis through metrics, which assign a security value to an AT. Many different AT metrics exist, and there exist multiple…

Cryptography and Security · Computer Science 2024-01-19 Milan Lopuhaä-Zwakenberg

Attack-defense trees (ADTs) are a prominent graphical threat modeling method that is highly recommended for analyzing and communicating security-related information. Despite this, existing empirical studies of attack trees have established…

Cryptography and Security · Computer Science 2025-04-01 Nathan Daniel Schiele , Olga Gadyatskaya

This article addresses the problem of automatically generating attack trees that soundly and clearly describe the ways the system can be attacked. Soundness means that the attacks displayed by the attack tree are indeed attacks in the…

Cryptography and Security · Computer Science 2024-07-11 Olga Gadyatskaya , Sjouke Mauw , Rolando Trujillo-Rasuac , Tim A. C. Willemse

This paper tackles the problems of generating concrete test cases for testing whether an application is vulnerable to attacks, and of checking whether security solutions are correctly implemented. The approach proposed in the paper aims at…

Software Engineering · Computer Science 2020-07-08 Sébastien Salva , Loukmen Regainia

This paper describes our ongoing work on security verification against inference attacks on data trees. We focus on infinite secrecy against inference attacks, which means that attackers cannot narrow down the candidates for the value of…

Cryptography and Security · Computer Science 2013-12-18 Ryo Iwase , Yasunori Ishihara , Toru Fujiwara
‹ Prev 1 2 3 10 Next ›