Related papers: Fuzzy quantitative attack tree analysis
Fault tree analysis is a vital method of assessing safety risks. It helps to identify potential causes of accidents, assess their likelihood and severity, and suggest preventive measures. Quantitative analysis of fault trees is often done…
Attack trees are considered a useful tool for security modelling because they support qualitative as well as quantitative analysis. The quantitative approach is based on values associated to each node in the tree, expressing, for instance,…
We provide a rigorous framework for handling uncertainty in quantitative fault tree analysis based on fuzzy theory. We show that any algorithm for fault tree unreliability analysis can be adapted to this framework in a fully general and…
Numerous analysis methods for quantitative attack tree analysis have been proposed. These algorithms compute relevant security metrics, i.e. performance indicators that quantify how good the security of a system is, such as the most likely…
Numerous analysis methods for quantitative attack tree analysis have been proposed. These algorithms compute relevant security metrics, i.e. performance indicators that quantify how good the security of a system is; typical metrics being…
Attack-defense trees are a novel methodology for graphical security modeling and assessment. The methodology includes visual, intuitive tree models whose analysis is supported by a rigorous mathematical formalism. Both, the intuitive and…
Ranking risks and countermeasures is one of the foremost goals of quantitative security analysis. One of the popular frameworks, used also in industrial practice, for this task are attack-defense trees. Standard quantitative analyses…
The concept of a fuzzy number is generalized to the case of a finite carrier set of partially ordered elements, more precisely, a lattice, when a membership function also takes values in a partially ordered set (a lattice). Zadeh's…
Critical infrastructure systems - for which high reliability and availability are paramount - must operate securely. Attack trees (ATs) are hierarchical diagrams that offer a flexible modelling language used to assess how systems can be…
Pandora temporal fault tree, as one notable extension of the fault tree, introduces temporal gates and temporal laws. Pandora Temporal Fault Tree(TFT) enhances the capability of fault trees and enables the modeling of system failure…
Attack Trees (ATs) are a widely used tool for security analysis. ATs can be employed in quantitative security analysis through metrics, which assign a security value to an AT. Many different AT metrics exist, and there exist multiple…
Fuzzy logic is an alternate approach for quantifying uncertainty relating to activity duration. The fuzzy version of the backward recursion has been shown to produce results that incorrectly amplify the level of uncertainty. However, the…
Attack Trees are a graphical model of security used to study threat scenarios. While visually appealing and supported by solid theories and effective tools, one of their main drawbacks remains the amount of effort required by security…
Attack trees are a popular way to represent and evaluate potential security threats on systems or infrastructures. The goal of this work is to provide a framework allowing to express and check whether an attack tree is consistent with the…
Risk specialists are trying to understand risk better and use complex models for risk assessment, while many risks are not yet well understood. The lack of empirical data and complex causal and outcome relationships make it difficult to…
Domain-specific quantitative modeling and analysis approaches are fundamental in scenarios in which qualitative approaches are inappropriate or unfeasible. In this paper, we present a tool-supported approach to quantitative graph-based…
Risk assessment of cyber-physical systems, such as power plants, connected devices and IT-infrastructures has always been challenging: safety (i.e. absence of unintentional failures) and security (i.e. no disruptions due to attackers) are…
Decision trees have been widely used in machine learning. However, due to some reasons, data collecting in real world contains a fuzzy and uncertain form. The decision tree should be able to handle such fuzzy data. This paper presents a…
Evaluating argument strength in quantitative argumentation systems has received increasing attention in the field of abstract argumentation. The concept of acceptability degree is widely adopted in gradual semantics, however, it may not be…
Fuzzy rule-based systems have been mostly used in interpretable decision-making because of their interpretable linguistic rules. However, interpretability requires both sensible linguistic partitions and small rule-base sizes, which are not…