Attack Trees with Sequential Conjunction

TitleAttack Trees with Sequential Conjunction
Publication TypeConference Paper
Year of Publication2015
AuthorsJhawar R., Kordy B., Mauw S., Radomirović S., Trujillo-Rasua R.
Conference NameInternational Conference on ICT Systems Security and Privacy Protection (IFIPSEC), Hamburg, Germany
Date PublishedMay

We provide the first formal foundation of SAND attack trees which are a popular extension of the well-known attack trees. The SAND at- tack tree formalism increases the expressivity of attack trees by intro- ducing the sequential conjunctive operator SAND. This operator enables the modeling of ordered events. We give a semantics to SAND attack trees by interpreting them as sets of series-parallel graphs and propose a complete axiomatization of this semantics. We define normal forms for SAND attack trees and a term rewriting system which allows identification of semantically equivalent trees. Finally, we formalize how to quantitatively analyze SAND attack trees using attributes.