Attack Trees with Sequential Conjunction
We provide the first formal foundation of SAND attack trees which are a popular extension of the well-known attack trees. The SAND attack tree formalism increases the expressivity of attack trees by introducing the sequential conjunctive operator $${\mathtt {SAND}}$$ . This operator enables the mode...
Saved in:
| Published in | ICT Systems Security and Privacy Protection pp. 339 - 353 |
|---|---|
| Main Authors | , , , , |
| Format | Book Chapter |
| Language | English |
| Published |
Cham
Springer International Publishing
2015
|
| Series | IFIP Advances in Information and Communication Technology |
| Subjects | |
| Online Access | Get full text |
| ISBN | 3319184660 9783319184661 |
| ISSN | 1868-4238 1868-422X 1868-422X |
| DOI | 10.1007/978-3-319-18467-8_23 |
Cover
| Summary: | We provide the first formal foundation of SAND attack trees which are a popular extension of the well-known attack trees. The SAND attack tree formalism increases the expressivity of attack trees by introducing the sequential conjunctive operator $${\mathtt {SAND}}$$ . This operator enables the modeling of ordered events.
We give a semantics to SAND attack trees by interpreting them as sets of series-parallel graphs and propose a complete axiomatization of this semantics. We define normal forms for SAND attack trees and a term rewriting system which allows identification of semantically equivalent trees. Finally, we formalize how to quantitatively analyze SAND attack trees using attributes. |
|---|---|
| Bibliography: | Original Abstract: We provide the first formal foundation of SAND attack trees which are a popular extension of the well-known attack trees. The SAND attack tree formalism increases the expressivity of attack trees by introducing the sequential conjunctive operator \documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$${\mathtt {SAND}}$$\end{document}. This operator enables the modeling of ordered events. We give a semantics to SAND attack trees by interpreting them as sets of series-parallel graphs and propose a complete axiomatization of this semantics. We define normal forms for SAND attack trees and a term rewriting system which allows identification of semantically equivalent trees. Finally, we formalize how to quantitatively analyze SAND attack trees using attributes. |
| ISBN: | 3319184660 9783319184661 |
| ISSN: | 1868-4238 1868-422X 1868-422X |
| DOI: | 10.1007/978-3-319-18467-8_23 |