Attack Defense Trees with Sequential Conjunction

Hoang Nga Nguyen, Jeremy Bryans, Siraj Shaikh

    Research output: Chapter in Book/Report/Conference proceedingConference proceedingpeer-review

    10 Citations (Scopus)
    337 Downloads (Pure)


    Attack defense trees are used to show the interaction between potential attacks on a system and the system defenses. In this paper we present a formal semantic model for attack defense trees with sequential composition, allowing for the description of attacks that are performed as a sequence of steps. The main contributions of our work are a formal representation of attack defense trees with sequential conjunction, a demonstration that this representation is equivalent to a process-algebraic one, and an algorithm for identifying the existence of attacks. We illustrate with an attack on over the air updates.
    Original languageEnglish
    Title of host publicationProceedings - 19th IEEE International Symposium on High Assurance Systems Engineering, HASE 2019
    EditorsCongfeng Jiang, Vu Nguyen, Dongjin Yu
    Number of pages6
    ISBN (Electronic)978-1-5386-8540-2
    ISBN (Print)978-1-5386-8541-9
    Publication statusPublished - 25 Mar 2019
    EventWorkshop on Security issues in Cyber-Physical System(SecCPS), In conjunction with IEEE HASE - Hangzhou, China
    Duration: 3 Jan 20195 Jan 2019

    Publication series

    NameProceedings / IEEE International Symposium on High-Assurance Systems Engineering. IEEE International Symposium on High-Assurance Systems Engineering
    ISSN (Print)1530-2059
    ISSN (Electronic)2640-7507


    ConferenceWorkshop on Security issues in Cyber-Physical System(SecCPS), In conjunction with IEEE HASE
    Abbreviated titleHASE 2019
    City Hangzhou

    Bibliographical note

    © 2019 IEEE. Personal use of this material is permitted. Permission from IEEE must
    be obtained for all other uses, in any current or future media, including
    reprinting/republishing this material for advertising or promotional purposes,
    creating new collective works, for resale or redistribution to servers or lists, or
    reuse of any copyrighted component of this work in other works.


    • Semantics
    • Syntactics
    • Security
    • Industries
    • Automotive engineering
    • ISO Standards
    • Algebra
    • Attack defense trees
    • Cyber security
    • Formal semantics

    ASJC Scopus subject areas

    • Software
    • Safety, Risk, Reliability and Quality


    Dive into the research topics of 'Attack Defense Trees with Sequential Conjunction'. Together they form a unique fingerprint.

    Cite this