Attack Defense Trees with Sequential Conjunction

Hoang Nga Nguyen, Jeremy Bryans, Siraj Shaikh

    Research output: Chapter in Book/Report/Conference proceedingConference proceedingpeer-review

    6 Citations (Scopus)
    278 Downloads (Pure)

    Abstract

    Attack defense trees are used to show the interaction between potential attacks on a system and the system defenses. In this paper we present a formal semantic model for attack defense trees with sequential composition, allowing for the description of attacks that are performed as a sequence of steps. The main contributions of our work are a formal representation of attack defense trees with sequential conjunction, a demonstration that this representation is equivalent to a process-algebraic one, and an algorithm for identifying the existence of attacks. We illustrate with an attack on over the air updates.
    Original languageEnglish
    Title of host publicationProceedings - 19th IEEE International Symposium on High Assurance Systems Engineering, HASE 2019
    EditorsCongfeng Jiang, Vu Nguyen, Dongjin Yu
    PublisherIEEE
    Pages247-252
    Number of pages6
    Volume2019-January
    ISBN (Electronic)978-1-5386-8540-2
    ISBN (Print)978-1-5386-8541-9
    DOIs
    Publication statusPublished - 25 Mar 2019
    EventWorkshop on Security issues in Cyber-Physical System(SecCPS), In conjunction with IEEE HASE - Hangzhou, China
    Duration: 3 Jan 20195 Jan 2019

    Publication series

    NameProceedings / IEEE International Symposium on High-Assurance Systems Engineering. IEEE International Symposium on High-Assurance Systems Engineering
    PublisherIEEE
    ISSN (Print)1530-2059
    ISSN (Electronic)2640-7507

    Conference

    ConferenceWorkshop on Security issues in Cyber-Physical System(SecCPS), In conjunction with IEEE HASE
    Abbreviated titleHASE 2019
    Country/TerritoryChina
    City Hangzhou
    Period3/01/195/01/19

    Bibliographical note

    © 2019 IEEE. Personal use of this material is permitted. Permission from IEEE must
    be obtained for all other uses, in any current or future media, including
    reprinting/republishing this material for advertising or promotional purposes,
    creating new collective works, for resale or redistribution to servers or lists, or
    reuse of any copyrighted component of this work in other works.

    Keywords

    • Semantics
    • Syntactics
    • Security
    • Industries
    • Automotive engineering
    • ISO Standards
    • Algebra
    • Attack defense trees
    • Cyber security
    • Formal semantics

    ASJC Scopus subject areas

    • Software
    • Safety, Risk, Reliability and Quality

    Fingerprint

    Dive into the research topics of 'Attack Defense Trees with Sequential Conjunction'. Together they form a unique fingerprint.

    Cite this