Integrating Cyber Attacks within Fault Trees

NAI, FOVINO Igor; MASERA, Marcelo; DECIAN, Alessio

doi:10.1016/j.ress.2009.02.020

An official website of the European Union How do you know?

Integrating Cyber Attacks within Fault Trees

In this paper, a new method for quantitative security risk assessment of complex systems is presented, combining fault-tree analysis, traditionally used in reliability analysis, with the recently introduced Attack-tree analysis, proposed for the study of malicious attack patterns. The combined use of fault trees and attack trees helps the analyst to effectively face the security challenges posed by the introduction of modern ICT technologies in the control systems of critical infrastructures. The proposed approach allows considering the interaction of malicious deliberate acts with random failures. Formal definitions of fault tree and attack tree are provided and a mathematical model for the calculation of system fault probabilities is presented.

NAI FOVINO Igor; MASERA Marcelo; DECIAN Alessio;

2009-07-07

ELSEVIER SCI LTD

JRC52584

0951-8320,

https://publications.jrc.ec.europa.eu/repository/handle/JRC52584,

10.1016/j.ress.2009.02.020,

Language	Citation

Name	Country	City	Type

Datasets

ID	Title	Public URL

Dataset collections

ID	Acronym	Title	Public URL

Scripts / source codes

Description	Public URL

Additional supporting files

File name	Description	File type

Show metadata record Copy citation url to clipboard Download BibTeX

Items published in the JRC Publications Repository are protected by copyright, with all rights reserved, unless otherwise indicated. Additional information: https://ec.europa.eu/info/legal-notice_en#copyright-notice