Towards Synthesis of Attack Trees for Supporting Computer-Aided Risk Analysis

Sophie Pinchinat 1 Mathieu Acher 2 Didier Vojtisek 2
1 LogicA - Logic and Applications
ENS Cachan - École normale supérieure - Cachan, UR1 - Université de Rennes 1, IRISA-D4 - LANGAGE ET GÉNIE LOGICIEL
2 DiverSe - Diversity-centric Software Engineering
Inria Rennes – Bretagne Atlantique , IRISA-D4 - LANGAGE ET GÉNIE LOGICIEL
Abstract : Attack trees are widely used in the fields of defense for the analysis of risks (or threats) against electronics systems, computer control systems or physical systems. Based on the analysis of attack trees, practitioners can define actions to engage in order to reduce or annihilate risks. A major barrier to support computer-aided risk analysis is that attack trees can become largely complex and thus hard to specify. This paper is a first step towards a methodology, formal foundations as well as automated techniques to synthesize attack trees from a high-level description of a system. Attacks are expressed as a succession of elementary actions and high-level actions can be used to abstract and organize attacks into exploitable attack trees. We describe our tooling support and identify open challenges for supporting the analysis of risks.
Type de document :
Communication dans un congrès
Workshop on Formal Methods in the Development of Software (co-located with SEFM), Sep 2014, Grenoble, France. 2014
Liste complète des métadonnées

Littérature citée [16 références]  Voir  Masquer  Télécharger
https://hal.inria.fr/hal-01064645
Contributeur : Mathieu Acher <>
Soumis le : mardi 16 septembre 2014 - 17:10:09
Dernière modification le : vendredi 16 novembre 2018 - 01:38:10
Document(s) archivé(s) le : mercredi 17 décembre 2014 - 11:41:42

Fichier

SEFM-FMDS.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : hal-01064645, version 1

Collections

UNIV-RENNES1 | INRIA | IRISA | IRISA-D4 | ENS-CACHAN | INSTITUT-TELECOM | UR1-UFR-ISTIC | UNIV-RENNES

Citation

Sophie Pinchinat, Mathieu Acher, Didier Vojtisek. Towards Synthesis of Attack Trees for Supporting Computer-Aided Risk Analysis. Workshop on Formal Methods in the Development of Software (co-located with SEFM), Sep 2014, Grenoble, France. 2014. 〈hal-01064645〉

Exporter

BibTeX TEI DC DCterms EndNote

Partager

Métriques

Consultations de la notice

634

Téléchargements de fichiers

425

Contact


archive-ouverte@inria.fr