Abstract
Attack and Defense Trees (ADT) constitute a formal modeling technique that has become dominant in recent years in the area of qualitative and quantitative cybersecurity analysis of ICT and digital control systems. A Weighted-ADT (WADT) is augmented with cost or impact attributes to evidence the most convenient attack sequence in terms of investment budget and provoked damage and to provide an indication on how to mitigate the located breaches by means of suitable countermeasures. The original analysis technique proposed in this paper is based on the representation of a WADT by means of an extension of Binary Decision Diagrams (BDD), called Multi Terminal Binary Decision Diagrams (MTBDD). MTBDDs allow the modeler to evaluate the probability distribution function of the cost and impact related to any possible attack scenario. A running example illustrates the methodology.
Lingua originale | Inglese |
---|---|
pagine (da-a) | 133-138 |
Numero di pagine | 6 |
Rivista | IFAC-PapersOnLine |
Volume | 4 |
Numero di pubblicazione | PART 1 |
DOI | |
Stato di pubblicazione | Pubblicato - 2013 |
Evento | 4th IFAC Workshop on Dependable Control of Discrete Systems, DCDS 2013 - York, United Kingdom Durata: 4 set 2013 → 6 set 2013 |