Fault trees (FT) are widespread models in the field of reliability, but they lack of modelling power. So, in the literature, several extensions have been proposed and introduced specific new modelling primitives. Attack trees (AT) have gained acceptance in the field of security. They follow the same notation of standard FT, but they represent the combinations of actions necessary for the success of an attack to a computing system. In this paper, we extend the AT formalism by exploiting the new primitives introduced in the FT extensions. This leads to more accurate models. The approach is applied to a case study: the AT is exploited to represent the attack mode and compute specific quantitative measures about the system security.
A preliminary application of Generalized Fault Trees to security
CODETTA RAITERI, Daniele
2013-01-01
Abstract
Fault trees (FT) are widespread models in the field of reliability, but they lack of modelling power. So, in the literature, several extensions have been proposed and introduced specific new modelling primitives. Attack trees (AT) have gained acceptance in the field of security. They follow the same notation of standard FT, but they represent the combinations of actions necessary for the success of an attack to a computing system. In this paper, we extend the AT formalism by exploiting the new primitives introduced in the FT extensions. This leads to more accurate models. The approach is applied to a case study: the AT is exploited to represent the attack mode and compute specific quantitative measures about the system security.| File | Dimensione | Formato | |
|---|---|---|---|
|
secrypt.pdf
file disponibile solo agli amministratori
Tipologia:
Documento in Pre-print
Licenza:
DRM non definito
Dimensione
210.73 kB
Formato
Adobe PDF
|
210.73 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
