Reference : Bridging two worlds: Reconciling practical risk assessment methodologies with theory ...
Scientific congresses, symposiums and conference proceedings : Paper published in a book
Engineering, computing & technology : Computer science
Security, Reliability and Trust
Bridging two worlds: Reconciling practical risk assessment methodologies with theory of attack trees
Gadyatskaya, Olga mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) >]
Harpes, Carlo [> >]
Mauw, Sjouke mailto [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)]
Muller, Cedric [> >]
Muller, Steve []
Proc. of GraMSec
LNCS 9987
The Third International Workshop on Graphical Models for Security (GraMSec)
[en] risk assessment ; attack trees ; countermeasure selection
[en] Security risk treatment often requires a complex cost-benefit analysis to be carried out in order to select countermeasures that optimally reduce risks while having minimal costs. According to ISO/IEC 27001, risk treatment relies on catalogues of countermeasures, and the analysts are expected to estimate the residual risks. At the same time, recent advancements in attack tree theory provide elegant solutions to this optimization problem. In this short paper we propose to bridge the gap between these two worlds by introducing optimal countermeasure selection problem on attack-defense trees into the TRICK security risk assessment methodology.
Interdisciplinary Centre for Security, Reliability and Trust - SnT
European Commission - EC
Researchers ; Professionals ; Students ; General public
The original publication is available at
FP7 ; 318003 - TRESPASS - Technology-supported Risk Estimation by Predictive Assessment of Socio-technical Security
FnR ; FNR5809105 > Sjouke Mauw > ADT2P > Attack-Defence Trees: Theory Meets Practice > 01/07/2014 > 30/06/2017 > 2013

File(s) associated to this reference

Fulltext file(s):

Limited access
Bridging_Two_Worlds-CR.pdfAuthor postprint596.15 kBRequest a copy

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.