English
Related papers

Related papers: Model-Based Generation of Attack-Fault Trees

200 papers

Risk assessment of cyber-physical systems, such as power plants, connected devices and IT-infrastructures has always been challenging: safety (i.e. absence of unintentional failures) and security (i.e. no disruptions due to attackers) are…

Cryptography and Security · Computer Science 2019-05-10 Étienne André , Didier Lime , Mathias Ramparison , Mariëlle Stoelinga

Attack graphs are a tool for analyzing security vulnerabilities that capture different and prospective attacks on a system. As a threat modeling tool, it shows possible paths that an attacker can exploit to achieve a particular goal.…

Graphical security models constitute a well-known, user-friendly way to represent the security of a system. These kinds of models are used by security experts to identify vulnerabilities and assess the security of a system. The manual…

Cryptography and Security · Computer Science 2023-09-26 Alyzia-Maria Konsta , Beatrice Spiga , Alberto Lluch Lafuente , Nicola Dragoni

Attack Trees are a graphical model of security used to study threat scenarios. While visually appealing and supported by solid theories and effective tools, one of their main drawbacks remains the amount of effort required by security…

Cryptography and Security · Computer Science 2024-09-13 Alyzia-Maria Konsta , Gemma Di Federico , Alberto Lluch Lafuente , Andrea Burattin

In the rapidly evolving landscape of software engineering, the demand for robust and secure systems has become increasingly critical. This is especially true for self-adaptive systems due to their complexity and the dynamic environments in…

Cryptography and Security · Computer Science 2026-04-07 Irdin Pekaric , Raffaela Groner , Alexander Raschke , Thomas Witte , Jubril Gbolahan Adigun , Michael Felderer , Matthias Tichy

Adequate risk assessment of safety critical systems needs to take both safety and security into account, as well as their interaction. A prominent methodology for modeling safety and security are attack-fault trees (AFTs), which combine the…

Cryptography and Security · Computer Science 2024-08-14 Milan Lopuhaä-Zwakenberg

Recently security researchers have started to look into automated generation of attack trees from socio-technical system models. The obvious next step in this trend of automated risk analysis is automating the selection of security controls…

Cryptography and Security · Computer Science 2015-09-03 Olga Gadyatskaya

Attack trees are a popular way to represent and evaluate potential security threats on systems or infrastructures. The goal of this work is to provide a framework allowing to express and check whether an attack tree is consistent with the…

Cryptography and Security · Computer Science 2018-02-12 Maxime Audinot , Sophie Pinchinat , Barbara Kordy

Attack-Defence Trees (ADTs) are well-suited to assess possible attacks to systems and the efficiency of counter-measures. In this paper, we first enrich the available constructs with reactive patterns that cover further security scenarios,…

Cryptography and Security · Computer Science 2019-10-24 Jaime Arias , Carlos E. Budde , Wojciech Penczek , Laure Petrucci , Mariëlle Stoelinga

Attack trees and attack graphs are both common graphical threat models used by organizations to better understand possible cybersecurity threats. These models have been primarily seen as separate entities, to be used and researched in…

Cryptography and Security · Computer Science 2021-10-07 Nathan Daniel Schiele , Olga Gadyatskaya

Self-adaptive systems offer several attack surfaces due to the communication via different channels and the different sensors required to observe the environment. Often, attacks cause safety to be compromised as well, making it necessary to…

Cryptography and Security · Computer Science 2023-09-19 Thomas Witte , Raffaela Groner , Alexander Raschke , Matthias Tichy , Irdin Pekaric , Michael Felderer

Effective risk management in cybersecurity requires a thorough understanding of the interplay between attacker capabilities and defense strategies. Attack-Defense Trees (ADTs) are a commonly used methodology for representing this interplay;…

Cryptography and Security · Computer Science 2025-04-18 Danut-Valentin Copae , Reza Soltani , Milan Lopuhaä-Zwakenberg

Identifying drawbacks or insufficiencies in terms of safety is important also in early development stages of safety critical systems. In industry, development artefacts such as components or units, are often reused from existing artefacts…

Software Engineering · Computer Science 2021-06-03 Kai Hoefig , Marc Zeller , Reiner Heilmann

Critical infrastructure systems - for which high reliability and availability are paramount - must operate securely. Attack trees (ATs) are hierarchical diagrams that offer a flexible modelling language used to assess how systems can be…

Cryptography and Security · Computer Science 2024-05-20 Stefano M. Nicoletti , Milan Lopuhaä-Zwakenberg , E. Moritz Hahn , Mariëlle Stoelinga

Security risk management can be applied on well-defined or existing systems; in this case, the objective is to identify existing vulnerabilities, assess the risks and provide for the adequate countermeasures. Security risk management can…

Cryptography and Security · Computer Science 2014-04-09 Stéphane Paul

Attack-defense trees are a novel methodology for graphical security modeling and assessment. The methodology includes visual, intuitive tree models whose analysis is supported by a rigorous mathematical formalism. Both, the intuitive and…

Cryptography and Security · Computer Science 2012-10-31 Barbara Kordy , Sjouke Mauw , Patrick Schweitzer

The growing size and complexity of software in embedded systems poses new challenges to the safety assessment of embedded control systems. In industrial practice, the control software is mostly treated as a black box during the system's…

Software Engineering · Computer Science 2021-06-01 Marc Zeller , Kai Hoefig , Jean-Pascal Schwinn

By exploiting the increasing surface attack of systems, cyber-attacks can cause catastrophic events, such as, remotely disable safety mechanisms. This means that in order to avoid hazards, safety and security need to be integrated,…

Logic in Computer Science · Computer Science 2019-01-03 Vivek Nigam , Alexander Pretschner , Harald Ruess

Attack trees are considered a useful tool for security modelling because they support qualitative as well as quantitative analysis. The quantitative approach is based on values associated to each node in the tree, expressing, for instance,…

Cryptography and Security · Computer Science 2019-01-11 Ahto Buldas , Olga Gadyatskaya , Aleksandr Lenin , Sjouke Mauw , Rolando Trujillo-Rasua

Attack Trees (AT) are a popular formalism for security analysis. They are meant to display an attacker's goal decomposed into attack steps needed to achieve it and compute certain security metrics (e.g., attack cost, probability, and…

Cryptography and Security · Computer Science 2025-07-01 Ítalo Oliveira , Stefano M. Nicoletti , Gal Engelberg , Mattia Fumagalli , Dan Klein , Giancarlo Guizzardi
‹ Prev 1 2 3 10 Next ›