Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis

Jeremy Bryans; Lin Shen Liew; Hoang Nga Nguyen; Giedre Sabaliauskaite; Siraj Ahmed Shaikh

doi:10.3390/info14090481

Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis

Jeremy Bryans
, Lin Shen Liew
, Hoang Nga Nguyen
, Giedre Sabaliauskaite
, Siraj Ahmed Shaikh

Centre for Future Transport and Cities

Research output: Contribution to journal › Article › peer-review

4 Citations (Scopus)

35 Downloads (Pure)

Abstract

Systems that integrate cyber and physical aspects to create cyber-physical systems (CPS) are becoming increasingly complex, but demonstrating the security of CPS is hard and security is frequently compromised. These compromises can lead to safety failures, putting lives at risk. Attack Defense Trees with sequential conjunction (ADS) are an approach to identifying attacks on a system and identifying the interaction between attacks and the defenses that are present within the CPS. We present a semantic model for ADS and propose a methodology for generating ADS automatically. The methodology takes as input a CPS system model and a library of templates of attacks and defenses. We demonstrate and validate the effectiveness of the ADS generation methodology using an example from the automotive domain.

Original language	English
Article number	481
Number of pages	25
Journal	Information
Volume	14
Issue number	9
DOIs	https://doi.org/10.3390/info14090481
Publication status	Published - 29 Aug 2023

Bibliographical note

This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).

Keywords

automotive cyber security
threat modelling
attack defense tree

Access to Document

10.3390/info14090481Licence: CC BY

Bryans2023VoRFinal published version, 1.03 MBLicence: CC BY

Cite this

@article{7ff8ee31fd3e4b519a19939645118eb9,

title = "Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis",

abstract = "Systems that integrate cyber and physical aspects to create cyber-physical systems (CPS) are becoming increasingly complex, but demonstrating the security of CPS is hard and security is frequently compromised. These compromises can lead to safety failures, putting lives at risk. Attack Defense Trees with sequential conjunction (ADS) are an approach to identifying attacks on a system and identifying the interaction between attacks and the defenses that are present within the CPS. We present a semantic model for ADS and propose a methodology for generating ADS automatically. The methodology takes as input a CPS system model and a library of templates of attacks and defenses. We demonstrate and validate the effectiveness of the ADS generation methodology using an example from the automotive domain.",

keywords = "automotive cyber security, threat modelling, attack defense tree",

author = "Jeremy Bryans and Liew, \{Lin Shen\} and Nguyen, \{Hoang Nga\} and Giedre Sabaliauskaite and Shaikh, \{Siraj Ahmed\}",

note = "This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).",

year = "2023",

month = aug,

day = "29",

doi = "10.3390/info14090481",

language = "English",

volume = "14",

journal = " Information ",

publisher = "MDPI",

number = "9",

}

TY - JOUR

T1 - Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis

AU - Bryans, Jeremy

AU - Liew, Lin Shen

AU - Nguyen, Hoang Nga

AU - Sabaliauskaite, Giedre

AU - Shaikh, Siraj Ahmed

N1 - This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).

PY - 2023/8/29

Y1 - 2023/8/29

N2 - Systems that integrate cyber and physical aspects to create cyber-physical systems (CPS) are becoming increasingly complex, but demonstrating the security of CPS is hard and security is frequently compromised. These compromises can lead to safety failures, putting lives at risk. Attack Defense Trees with sequential conjunction (ADS) are an approach to identifying attacks on a system and identifying the interaction between attacks and the defenses that are present within the CPS. We present a semantic model for ADS and propose a methodology for generating ADS automatically. The methodology takes as input a CPS system model and a library of templates of attacks and defenses. We demonstrate and validate the effectiveness of the ADS generation methodology using an example from the automotive domain.

AB - Systems that integrate cyber and physical aspects to create cyber-physical systems (CPS) are becoming increasingly complex, but demonstrating the security of CPS is hard and security is frequently compromised. These compromises can lead to safety failures, putting lives at risk. Attack Defense Trees with sequential conjunction (ADS) are an approach to identifying attacks on a system and identifying the interaction between attacks and the defenses that are present within the CPS. We present a semantic model for ADS and propose a methodology for generating ADS automatically. The methodology takes as input a CPS system model and a library of templates of attacks and defenses. We demonstrate and validate the effectiveness of the ADS generation methodology using an example from the automotive domain.

KW - automotive cyber security

KW - threat modelling

KW - attack defense tree

UR - https://www.scopus.com/pages/publications/85172202761

U2 - 10.3390/info14090481

DO - 10.3390/info14090481

M3 - Article

VL - 14

JO - Information

JF - Information

IS - 9

M1 - 481

ER -

Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis

Abstract

Bibliographical note

Keywords

Access to Document

Other files and links

Fingerprint

Cite this