Parametric Analyses of Attack-fault Trees*-Reference-Cited by-同舟云学术

Parametric Analyses of Attack-fault Trees*

Published:2021-09-30 Issue:1 Volume:182 Page:69-94
ISSN:0169-2968
Container-title:Fundamenta Informaticae
language:
Short-container-title:FI

Author:

André Étienne¹,Lime Didier²,Ramparison Mathias³,Stoelinga Mariëlle⁴

Affiliation:

1. Université de Lorraine, CNRS, Inria, LORIA, F-54000 Nancy, France. eandre93430@lipn13.fr

2. École Centrale de Nantes, LS2N, CNRS, UMR 6004, Nantes, France. Didier.Lime@ec-nantes.fr

3. Université Sorbonne Paris Nord, LIPN, CNRS, F-93430, Villetaneuse, France. mathias.ramparison@uni.lu

4. Formal Methods and Tools, University of Twente, The Netherlands. m.i.a.stoelinga@utwente.nl

Abstract

Risk assessment of cyber-physical systems, such as power plants, connected devices and IT-infrastructures has always been challenging: safety (i. e., absence of unintentional failures) and security (i. e., no disruptions due to attackers) are conditions that must be guaranteed. One of the traditional tools used to consider these problems is attack trees, a tree-based formalism inspired by fault trees, a well-known formalism used in safety engineering. In this paper we define and implement the translation of attack-fault trees (AFTs) to a new extension of timed automata, called parametric weighted timed automata. This allows us to parameterize constants such as time and discrete costs in an AFT and then, using the model-checker IMITATOR, to compute the set of parameter values such that a successful attack is possible. Moreover, we add the possibility to define counter-measures. Using the different sets of parameter values computed, different attack and fault scenarios can be deduced depending on the budget, time or computation power of the attacker, providing helpful data to select the most efficient counter-measure.

Publisher

IOS Press

Subject

Computational Theory and Mathematics,Information Systems,Algebra and Number Theory,Theoretical Computer Science

Cited by 7 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Methodology of Testing the Security of Cryptographic Protocols Using the CMMTree Framework;Applied Sciences;2023-11-25

2. Cost-Damage Analysis of Attack Trees;2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN);2023-06

3. Model-Based Generation of Attack-Fault Trees;Lecture Notes in Computer Science;2023

4. Modeling Cyberattack Propagation and Impacts on Cyber-Physical System Safety: An Experiment;Electronics;2022-12-25

5. Timed Automata as a Formalism for Expressing Security: A Survey on Theory and Practice;ACM Computing Surveys;2022-12-07