Abstract
Attack and Defense Trees (ADT) constitute a formal modeling technique that has become dominant in recent years in the area of qualitative and quantitative cybersecurity analysis of ICT and digital control systems. A Weighted-ADT (WADT) is augmented with cost or impact attributes to evidence the most convenient attack sequence in terms of investment budget and provoked damage and to provide an indication on how to mitigate the located breaches by means of suitable countermeasures. The original analysis technique proposed in this paper is based on the representation of a WADT by means of an extension of Binary Decision Diagrams (BDD), called Multi Terminal Binary Decision Diagrams (MTBDD). MTBDDs allow the modeler to evaluate the probability distribution function of the cost and impact related to any possible attack scenario. A running example illustrates the methodology.
Original language | English |
---|---|
Pages (from-to) | 133-138 |
Number of pages | 6 |
Journal | IFAC-PapersOnLine |
Volume | 4 |
Issue number | PART 1 |
DOIs | |
Publication status | Published - 2013 |
Event | 4th IFAC Workshop on Dependable Control of Discrete Systems, DCDS 2013 - York, United Kingdom Duration: 4 Sept 2013 → 6 Sept 2013 |
Keywords
- Multi-terminal binary decision diagrams
- System security
- Weighted attack and defence trees