Journal article 455 views 62 downloads
Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis
Jeremy Bryans,
Lin Shen Liew,
Hoang Nguyen 
,
Giedre Sabaliauskaite ,
Siraj Shaikh
,
Giedre Sabaliauskaite ,
Siraj Shaikh
information, Volume: 14, Issue: 9
Swansea University Authors:
Hoang Nguyen , Giedre Sabaliauskaite , Siraj Shaikh
-
PDF | Version of Record
This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Download (1.3MB)
DOI (Published version): 10.3390/info14090481
Abstract
Systems that integrate cyber and physical aspects to create cyber-physical systems (CPS) are becoming increasingly complex, but demonstrating the security of CPS is hard and security is frequently compromised. These compromises can lead to safety failures, putting lives at risk. Attack Defense Trees...
| Published in: | information |
|---|---|
| ISSN: | 2078-2489 |
| Published: |
MDPI
2023
|
| Online Access: |
Check full text
|
| URI: | https://cronfa.swan.ac.uk/Record/cronfa64161 |
| first_indexed |
2023-08-30T08:24:12Z |
|---|---|
| last_indexed |
2024-11-25T14:13:33Z |
| id |
cronfa64161 |
| recordtype |
SURis |
| fullrecord |
<?xml version="1.0"?><rfc1807><datestamp>2023-09-28T16:06:45.5358738</datestamp><bib-version>v2</bib-version><id>64161</id><entry>2023-08-30</entry><title>Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis</title><swanseaauthors><author><sid>cb24d5c5080534dc5b5e3390f24dd422</sid><ORCID>0000-0003-0260-1697</ORCID><firstname>Hoang</firstname><surname>Nguyen</surname><name>Hoang Nguyen</name><active>true</active><ethesisStudent>false</ethesisStudent></author><author><sid>6a674e2dbda3ec5f20599ce38199a7c3</sid><ORCID>0000-0003-1183-7001</ORCID><firstname>Giedre</firstname><surname>Sabaliauskaite</surname><name>Giedre Sabaliauskaite</name><active>true</active><ethesisStudent>false</ethesisStudent></author><author><sid>50117e8faac2d0937989e14847105704</sid><ORCID>0000-0002-0726-3319</ORCID><firstname>Siraj</firstname><surname>Shaikh</surname><name>Siraj Shaikh</name><active>true</active><ethesisStudent>false</ethesisStudent></author></swanseaauthors><date>2023-08-30</date><deptcode>MACS</deptcode><abstract>Systems that integrate cyber and physical aspects to create cyber-physical systems (CPS) are becoming increasingly complex, but demonstrating the security of CPS is hard and security is frequently compromised. These compromises can lead to safety failures, putting lives at risk. Attack Defense Trees with sequential conjunction (ADS) are an approach to identifying attacks on a system and identifying the interaction between attacks and the defenses that are present within the CPS. We present a semantic model for ADS and propose a methodology for generating ADS automatically. The methodology takes as input a CPS system model and a library of templates of attacks and defenses. We demonstrate and validate the effectiveness of the ADS generation methodology using an example from the automotive domain.</abstract><type>Journal Article</type><journal>information</journal><volume>14</volume><journalNumber>9</journalNumber><paginationStart/><paginationEnd/><publisher>MDPI</publisher><placeOfPublication/><isbnPrint/><isbnElectronic/><issnPrint/><issnElectronic>2078-2489</issnElectronic><keywords/><publishedDay>29</publishedDay><publishedMonth>8</publishedMonth><publishedYear>2023</publishedYear><publishedDate>2023-08-29</publishedDate><doi>10.3390/info14090481</doi><url/><notes/><college>COLLEGE NANME</college><department>Mathematics and Computer Science School</department><CollegeCode>COLLEGE CODE</CollegeCode><DepartmentCode>MACS</DepartmentCode><institution>Swansea University</institution><apcterm>Another institution paid the OA fee</apcterm><funders/><projectreference/><lastEdited>2023-09-28T16:06:45.5358738</lastEdited><Created>2023-08-30T09:20:04.4505089</Created><path><level id="1">Faculty of Science and Engineering</level><level id="2">School of Mathematics and Computer Science - Computer Science</level></path><authors><author><firstname>Jeremy</firstname><surname>Bryans</surname><order>1</order></author><author><firstname>Lin Shen</firstname><surname>Liew</surname><order>2</order></author><author><firstname>Hoang</firstname><surname>Nguyen</surname><orcid>0000-0003-0260-1697</orcid><order>3</order></author><author><firstname>Giedre</firstname><surname>Sabaliauskaite</surname><orcid>0000-0003-1183-7001</orcid><order>4</order></author><author><firstname>Siraj</firstname><surname>Shaikh</surname><orcid>0000-0002-0726-3319</orcid><order>5</order></author></authors><documents><document><filename>64161__28398__066265439b2740afade3e260ca0d5613.pdf</filename><originalFilename>64161.pdf</originalFilename><uploaded>2023-08-30T09:25:00.4806422</uploaded><type>Output</type><contentLength>1365698</contentLength><contentType>application/pdf</contentType><version>Version of Record</version><cronfaStatus>true</cronfaStatus><documentNotes>This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).</documentNotes><copyrightCorrect>false</copyrightCorrect><language>eng</language><licence>https://creativecommons.org/licenses/by/4.0/</licence></document></documents><OutputDurs/></rfc1807> |
| spelling |
2023-09-28T16:06:45.5358738 v2 64161 2023-08-30 Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis cb24d5c5080534dc5b5e3390f24dd422 0000-0003-0260-1697 Hoang Nguyen Hoang Nguyen true false 6a674e2dbda3ec5f20599ce38199a7c3 0000-0003-1183-7001 Giedre Sabaliauskaite Giedre Sabaliauskaite true false 50117e8faac2d0937989e14847105704 0000-0002-0726-3319 Siraj Shaikh Siraj Shaikh true false 2023-08-30 MACS Systems that integrate cyber and physical aspects to create cyber-physical systems (CPS) are becoming increasingly complex, but demonstrating the security of CPS is hard and security is frequently compromised. These compromises can lead to safety failures, putting lives at risk. Attack Defense Trees with sequential conjunction (ADS) are an approach to identifying attacks on a system and identifying the interaction between attacks and the defenses that are present within the CPS. We present a semantic model for ADS and propose a methodology for generating ADS automatically. The methodology takes as input a CPS system model and a library of templates of attacks and defenses. We demonstrate and validate the effectiveness of the ADS generation methodology using an example from the automotive domain. Journal Article information 14 9 MDPI 2078-2489 29 8 2023 2023-08-29 10.3390/info14090481 COLLEGE NANME Mathematics and Computer Science School COLLEGE CODE MACS Swansea University Another institution paid the OA fee 2023-09-28T16:06:45.5358738 2023-08-30T09:20:04.4505089 Faculty of Science and Engineering School of Mathematics and Computer Science - Computer Science Jeremy Bryans 1 Lin Shen Liew 2 Hoang Nguyen 0000-0003-0260-1697 3 Giedre Sabaliauskaite 0000-0003-1183-7001 4 Siraj Shaikh 0000-0002-0726-3319 5 64161__28398__066265439b2740afade3e260ca0d5613.pdf 64161.pdf 2023-08-30T09:25:00.4806422 Output 1365698 application/pdf Version of Record true This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). false eng https://creativecommons.org/licenses/by/4.0/ |
| title |
Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis |
| spellingShingle |
Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis Hoang Nguyen Giedre Sabaliauskaite Siraj Shaikh |
| title_short |
Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis |
| title_full |
Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis |
| title_fullStr |
Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis |
| title_full_unstemmed |
Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis |
| title_sort |
Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis |
| author_id_str_mv |
cb24d5c5080534dc5b5e3390f24dd422 6a674e2dbda3ec5f20599ce38199a7c3 50117e8faac2d0937989e14847105704 |
| author_id_fullname_str_mv |
cb24d5c5080534dc5b5e3390f24dd422_***_Hoang Nguyen 6a674e2dbda3ec5f20599ce38199a7c3_***_Giedre Sabaliauskaite 50117e8faac2d0937989e14847105704_***_Siraj Shaikh |
| author |
Hoang Nguyen Giedre Sabaliauskaite Siraj Shaikh |
| author2 |
Jeremy Bryans Lin Shen Liew Hoang Nguyen Giedre Sabaliauskaite Siraj Shaikh |
| format |
Journal article |
| container_title |
information |
| container_volume |
14 |
| container_issue |
9 |
| publishDate |
2023 |
| institution |
Swansea University |
| issn |
2078-2489 |
| doi_str_mv |
10.3390/info14090481 |
| publisher |
MDPI |
| college_str |
Faculty of Science and Engineering |
| hierarchytype |
|
| hierarchy_top_id |
facultyofscienceandengineering |
| hierarchy_top_title |
Faculty of Science and Engineering |
| hierarchy_parent_id |
facultyofscienceandengineering |
| hierarchy_parent_title |
Faculty of Science and Engineering |
| department_str |
School of Mathematics and Computer Science - Computer Science{{{_:::_}}}Faculty of Science and Engineering{{{_:::_}}}School of Mathematics and Computer Science - Computer Science |
| document_store_str |
1 |
| active_str |
0 |
| description |
Systems that integrate cyber and physical aspects to create cyber-physical systems (CPS) are becoming increasingly complex, but demonstrating the security of CPS is hard and security is frequently compromised. These compromises can lead to safety failures, putting lives at risk. Attack Defense Trees with sequential conjunction (ADS) are an approach to identifying attacks on a system and identifying the interaction between attacks and the defenses that are present within the CPS. We present a semantic model for ADS and propose a methodology for generating ADS automatically. The methodology takes as input a CPS system model and a library of templates of attacks and defenses. We demonstrate and validate the effectiveness of the ADS generation methodology using an example from the automotive domain. |
| published_date |
2023-08-29T20:37:01Z |
| _version_ |
1822073417983066112 |
| score |
11.048302 |