Title: On the Methods to Model and Analyze Attack Scenarios with Fault Trees
Citation: Proceedings of the ESREL 2008 Annual Conference p. 3135-3142
Publisher: Taylor & Francis Group
Publication Year: 2009
JRC N°: JRC44427
URI: http://www.esrel2008.com/index.aspx
Type: Articles in periodicals and books
Abstract: Security Risk (SR) is the term used to indicate the risk of accident caused by deliberate actions. In order to reduce SR it is necessary to reduce the vulnerability of the facility to possible attacks by identify-ing the critical assets, the attack scenarios and by evaluating the adequacy of the existing security measures. Compared with the risk due to unwanted dangerous events, security risk is a more complex problem, since it involves aspects that in the safety and reliability domain are generally overlooked. In security related applica-tions, different methods are available for the modeling and quantification of attack scenarios via the FT tech-nique. In this paper, we will briefly discuss the possibility of defining a security risk, and subsequently inves-tigate the potentialities of the fault tree technique in modeling and quantifying possible attack scenarios. In particular, the paper will elaborate on the suitability of the FT technique for quantifying an overall aggregated index (TOP event probability) for all the possible sequences leading to an identified security breach (e.g. stealing of nuclear material, sabotage, etc), giving some hints on how such quantification could be achieved.
JRC Directorate:Space, Security and Migration

Files in This Item:
There are no files associated with this item.

Items in repository are protected by copyright, with all rights reserved, unless otherwise indicated.