Attack Trees with Sequential Conjunction
Title | Attack Trees with Sequential Conjunction |
Publication Type | Conference Paper |
Year of Publication | 2015 |
Authors | Jhawar R., Kordy B., Mauw S., Radomirović S., Trujillo-Rasua R. |
Conference Name | International Conference on ICT Systems Security and Privacy Protection (IFIPSEC), Hamburg, Germany |
Date Published | May |
Publisher | IFIP |
Abstract | We provide the first formal foundation of SAND attack trees which are a popular extension of the well-known attack trees. The SAND at- tack tree formalism increases the expressivity of attack trees by intro- ducing the sequential conjunctive operator SAND. This operator enables the modeling of ordered events. We give a semantics to SAND attack trees by interpreting them as sets of series-parallel graphs and propose a complete axiomatization of this semantics. We define normal forms for SAND attack trees and a term rewriting system which allows identification of semantically equivalent trees. Finally, we formalize how to quantitatively analyze SAND attack trees using attributes. |