No Cover Image

Journal article 269 views 36 downloads

Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis

Jeremy Bryans, Lin Shen Liew, Hoang Nguyen Orcid Logo, Giedre Sabaliauskaite Orcid Logo, Siraj Shaikh Orcid Logo

information, Volume: 14, Issue: 9

Swansea University Authors: Hoang Nguyen Orcid Logo, Giedre Sabaliauskaite Orcid Logo, Siraj Shaikh Orcid Logo

  • 64161.pdf

    PDF | Version of Record

    This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).

    Download (1.3MB)

Check full text

DOI (Published version): 10.3390/info14090481

Abstract

Systems that integrate cyber and physical aspects to create cyber-physical systems (CPS) are becoming increasingly complex, but demonstrating the security of CPS is hard and security is frequently compromised. These compromises can lead to safety failures, putting lives at risk. Attack Defense Trees...

Full description

Published in: information
ISSN: 2078-2489
Published: MDPI 2023
Online Access: Check full text

URI: https://cronfa.swan.ac.uk/Record/cronfa64161
Tags: Add Tag
No Tags, Be the first to tag this record!
first_indexed 2023-08-30T08:24:12Z
last_indexed 2023-08-30T08:24:12Z
id cronfa64161
recordtype SURis
fullrecord <?xml version="1.0" encoding="utf-8"?><rfc1807 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><bib-version>v2</bib-version><id>64161</id><entry>2023-08-30</entry><title>Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis</title><swanseaauthors><author><sid>cb24d5c5080534dc5b5e3390f24dd422</sid><ORCID>0000-0003-0260-1697</ORCID><firstname>Hoang</firstname><surname>Nguyen</surname><name>Hoang Nguyen</name><active>true</active><ethesisStudent>false</ethesisStudent></author><author><sid>6a674e2dbda3ec5f20599ce38199a7c3</sid><ORCID>0000-0003-1183-7001</ORCID><firstname>Giedre</firstname><surname>Sabaliauskaite</surname><name>Giedre Sabaliauskaite</name><active>true</active><ethesisStudent>false</ethesisStudent></author><author><sid>50117e8faac2d0937989e14847105704</sid><ORCID>0000-0002-0726-3319</ORCID><firstname>Siraj</firstname><surname>Shaikh</surname><name>Siraj Shaikh</name><active>true</active><ethesisStudent>false</ethesisStudent></author></swanseaauthors><date>2023-08-30</date><deptcode>SCS</deptcode><abstract>Systems that integrate cyber and physical aspects to create cyber-physical systems (CPS) are becoming increasingly complex, but demonstrating the security of CPS is hard and security is frequently compromised. These compromises can lead to safety failures, putting lives at risk. Attack Defense Trees with sequential conjunction (ADS) are an approach to identifying attacks on a system and identifying the interaction between attacks and the defenses that are present within the CPS. We present a semantic model for ADS and propose a methodology for generating ADS automatically. The methodology takes as input a CPS system model and a library of templates of attacks and defenses. We demonstrate and validate the effectiveness of the ADS generation methodology using an example from the automotive domain.</abstract><type>Journal Article</type><journal>information</journal><volume>14</volume><journalNumber>9</journalNumber><paginationStart/><paginationEnd/><publisher>MDPI</publisher><placeOfPublication/><isbnPrint/><isbnElectronic/><issnPrint/><issnElectronic>2078-2489</issnElectronic><keywords/><publishedDay>29</publishedDay><publishedMonth>8</publishedMonth><publishedYear>2023</publishedYear><publishedDate>2023-08-29</publishedDate><doi>10.3390/info14090481</doi><url/><notes/><college>COLLEGE NANME</college><department>Computer Science</department><CollegeCode>COLLEGE CODE</CollegeCode><DepartmentCode>SCS</DepartmentCode><institution>Swansea University</institution><apcterm>Another institution paid the OA fee</apcterm><funders/><projectreference/><lastEdited>2023-09-28T16:06:45.5358738</lastEdited><Created>2023-08-30T09:20:04.4505089</Created><path><level id="1">Faculty of Science and Engineering</level><level id="2">School of Mathematics and Computer Science - Computer Science</level></path><authors><author><firstname>Jeremy</firstname><surname>Bryans</surname><order>1</order></author><author><firstname>Lin Shen</firstname><surname>Liew</surname><order>2</order></author><author><firstname>Hoang</firstname><surname>Nguyen</surname><orcid>0000-0003-0260-1697</orcid><order>3</order></author><author><firstname>Giedre</firstname><surname>Sabaliauskaite</surname><orcid>0000-0003-1183-7001</orcid><order>4</order></author><author><firstname>Siraj</firstname><surname>Shaikh</surname><orcid>0000-0002-0726-3319</orcid><order>5</order></author></authors><documents><document><filename>64161__28398__066265439b2740afade3e260ca0d5613.pdf</filename><originalFilename>64161.pdf</originalFilename><uploaded>2023-08-30T09:25:00.4806422</uploaded><type>Output</type><contentLength>1365698</contentLength><contentType>application/pdf</contentType><version>Version of Record</version><cronfaStatus>true</cronfaStatus><documentNotes>This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).</documentNotes><copyrightCorrect>false</copyrightCorrect><language>eng</language><licence>https://creativecommons.org/licenses/by/4.0/</licence></document></documents><OutputDurs/></rfc1807>
spelling v2 64161 2023-08-30 Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis cb24d5c5080534dc5b5e3390f24dd422 0000-0003-0260-1697 Hoang Nguyen Hoang Nguyen true false 6a674e2dbda3ec5f20599ce38199a7c3 0000-0003-1183-7001 Giedre Sabaliauskaite Giedre Sabaliauskaite true false 50117e8faac2d0937989e14847105704 0000-0002-0726-3319 Siraj Shaikh Siraj Shaikh true false 2023-08-30 SCS Systems that integrate cyber and physical aspects to create cyber-physical systems (CPS) are becoming increasingly complex, but demonstrating the security of CPS is hard and security is frequently compromised. These compromises can lead to safety failures, putting lives at risk. Attack Defense Trees with sequential conjunction (ADS) are an approach to identifying attacks on a system and identifying the interaction between attacks and the defenses that are present within the CPS. We present a semantic model for ADS and propose a methodology for generating ADS automatically. The methodology takes as input a CPS system model and a library of templates of attacks and defenses. We demonstrate and validate the effectiveness of the ADS generation methodology using an example from the automotive domain. Journal Article information 14 9 MDPI 2078-2489 29 8 2023 2023-08-29 10.3390/info14090481 COLLEGE NANME Computer Science COLLEGE CODE SCS Swansea University Another institution paid the OA fee 2023-09-28T16:06:45.5358738 2023-08-30T09:20:04.4505089 Faculty of Science and Engineering School of Mathematics and Computer Science - Computer Science Jeremy Bryans 1 Lin Shen Liew 2 Hoang Nguyen 0000-0003-0260-1697 3 Giedre Sabaliauskaite 0000-0003-1183-7001 4 Siraj Shaikh 0000-0002-0726-3319 5 64161__28398__066265439b2740afade3e260ca0d5613.pdf 64161.pdf 2023-08-30T09:25:00.4806422 Output 1365698 application/pdf Version of Record true This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). false eng https://creativecommons.org/licenses/by/4.0/
title Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis
spellingShingle Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis
Hoang Nguyen
Giedre Sabaliauskaite
Siraj Shaikh
title_short Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis
title_full Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis
title_fullStr Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis
title_full_unstemmed Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis
title_sort Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis
author_id_str_mv cb24d5c5080534dc5b5e3390f24dd422
6a674e2dbda3ec5f20599ce38199a7c3
50117e8faac2d0937989e14847105704
author_id_fullname_str_mv cb24d5c5080534dc5b5e3390f24dd422_***_Hoang Nguyen
6a674e2dbda3ec5f20599ce38199a7c3_***_Giedre Sabaliauskaite
50117e8faac2d0937989e14847105704_***_Siraj Shaikh
author Hoang Nguyen
Giedre Sabaliauskaite
Siraj Shaikh
author2 Jeremy Bryans
Lin Shen Liew
Hoang Nguyen
Giedre Sabaliauskaite
Siraj Shaikh
format Journal article
container_title information
container_volume 14
container_issue 9
publishDate 2023
institution Swansea University
issn 2078-2489
doi_str_mv 10.3390/info14090481
publisher MDPI
college_str Faculty of Science and Engineering
hierarchytype
hierarchy_top_id facultyofscienceandengineering
hierarchy_top_title Faculty of Science and Engineering
hierarchy_parent_id facultyofscienceandengineering
hierarchy_parent_title Faculty of Science and Engineering
department_str School of Mathematics and Computer Science - Computer Science{{{_:::_}}}Faculty of Science and Engineering{{{_:::_}}}School of Mathematics and Computer Science - Computer Science
document_store_str 1
active_str 0
description Systems that integrate cyber and physical aspects to create cyber-physical systems (CPS) are becoming increasingly complex, but demonstrating the security of CPS is hard and security is frequently compromised. These compromises can lead to safety failures, putting lives at risk. Attack Defense Trees with sequential conjunction (ADS) are an approach to identifying attacks on a system and identifying the interaction between attacks and the defenses that are present within the CPS. We present a semantic model for ADS and propose a methodology for generating ADS automatically. The methodology takes as input a CPS system model and a library of templates of attacks and defenses. We demonstrate and validate the effectiveness of the ADS generation methodology using an example from the automotive domain.
published_date 2023-08-29T16:06:46Z
_version_ 1778294306258288640
score 11.012678

Similar Items