Whiting, Declan and Sokoros, Ioannis and Papadopoulos, Yiannis and Regan, Gilbert and O'Carroll, Eoin (2019) Automated Model-based Attack Tree Analysis using HiP-HOPS. In: 6th International Symposium, IMBSA 2019. Model-Based Safety and Assessment., October 16–18, 2019, Thessaloniki, Greece.
Preview |
PDF
Download (545kB) | Preview |
Abstract
As Cyber-Physical Systems (CPS) grow increasingly complex and interact with external CPS, system security remains a nontrivial challenge that continues to scale accordingly, with potentially devastating consequences if left unchecked. While there is a significant body of work on system security found in industry practice, manual diagnosis of security vulnerabilities is still widely applied. Such approaches are typically resource-intensive, scale poorly and introduce additional risk due to human error. In this paper, a model-based approach for Security Attack Tree analysis using the HiP-HOPS dependability analysis tool is presented. The approach is demonstrated within the context of a simple web-based medical application to automatically generate attack trees, encapsulated as Digital Dependability Identities (DDIs), for offline security analysis. The paper goes on to present how the produced DDIs can be used to approach security maintenance, identifying security capabilities and controls to counter diagnosed vulnerabilities.
| Item Type: | Conference or Workshop Item (Paper) |
|---|---|
| Uncontrolled Keywords: | Attack trees; Digital dependability identities; HiP-HOPS |
| Subjects: | Science Computer Science > Computer Software |
| Research Centres: | Regulated Software Research Centre |
| Depositing User: | Sean McGreal |
| Date Deposited: | 21 Jan 2020 09:30 |
| Last Modified: | 21 Jan 2020 11:02 |
| License: | Creative Commons: Attribution-Noncommercial-Share Alike 4.0 |
| URI: | https://eprints.dkit.ie/id/eprint/666 |
Actions (login required)
 |
View Item |
Downloads
Downloads per month over past year
