Reference : Attribute Decoration of Attack-Defense Trees
Scientific journals : Article
Engineering, computing & technology : Computer science
Attribute Decoration of Attack-Defense Trees
Bagnato, Alessandra mailto [TXT e-solutions, Italy]
Kordy, Barbara mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Meland, Per H. mailto [SINTEF ICT, Norway]
Schweitzer, Patrick mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
International Journal of Secure Software Engineering
IGI Global
[en] Attack-Defense Trees ; Attack Trees ; Case Study ; Attributes
[en] Attack-defense trees can be used as part of threat and risk analysis for system development and maintenance. They are an extension of attack trees with defense measures. Moreover, tree nodes can be decorated with attributes, such as probability, impact and penalty, to increase the expressiveness of the model. Attribute values are typically assigned based on cognitive estimations and historically recorded events. This paper presents a practical case study with attack-defense trees. First, we create an attack-defense tree for an RFID-based goods management system for a warehouse. Then, we explore how to use a rich set of attributes for attack and defense nodes and how to assign and aggregate values to obtain condensed information, such as performance indicators or other key security figures. We discuss different modeling choices and trade-offs. The case study led us to define concrete guidelines that can be used by software developers, security analysts and system owners when performing similar assessments.

File(s) associated to this reference

Fulltext file(s):

Limited access
IJSSE12.pdfAuthor postprint727.35 kBRequest a copy

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.