Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Graphical Models for Security

GraMSec 2016: Graphical Models for Security pp 25–38Cite as

On the Soundness of Attack Trees

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9987))

Abstract

We formally define three notions of soundness of an attack tree w.r.t. the system it refers to: admissibility, consistency, and completeness. The system is modeled as a labeled transition system and the attack is provided with semantics in terms of paths of the transition system. We show complexity results on the three notions of soundness, and the influence of the operators that are in the attack tree (see the recap in Fig. 5).

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

  1. 1.

    The children of the internal node.

  2. 2.

    See further for details.

  3. 3.

    That is the negative instances of the decision problem, i.e. those for which the answer is “no”, are fully characterized by a polynomial-time non-deterministic algorithm.

  4. 4.

    Which is classically called an oracle.

  5. 5.

    The answer is “Yes/No”.

  6. 6.

    The answers “Yes/No” are swapped.

  7. 7.

    Which is classically called an oracle.

  8. 8.

    This is classic and it is no loss of generality.

  9. 9.

    Namely that the answer is “no”.

  10. 10.

    By Proposition 4 it is enough to consider paths whose size is polynomial in .

References

  1. Clarke, E.M., Emerson, A.E.: Design and synthesis of synchronization skeletons using branching time temporal logic. In: Kozen, D. (ed.) Logic of Programs. LNCS, vol. 131, pp. 52–71. Springer, Heidelberg (1981)

    Chapter  Google Scholar 

  2. Cook, S.A.: The complexity of theorem-proving procedures. In: Conference Record of Third Annual ACM Symposium on Theory of Computing, Shaker Heights, Ohio, 3–5 May 1971, pp. 151–158 (1971)

    Google Scholar 

  3. Garey, M.R., Johnson, D.S.: Computers and Intractability. A Guide to the Theory of NP-Completeness. Freeman, New York (1979)

    MATH  Google Scholar 

  4. Jhawar, R., Kordy, B., Mauw, S., Radomirović, S., Trujillo-Rasua, R.: Attack trees with sequential conjunction. In: Federrath, H., Gollmann, D., Chakravarthy, S.R. (eds.) SEC 2015. IFIP AICT, vol. 455, pp. 339–353. Springer, Heidelberg (2015). doi:10.1007/978-3-319-18467-8_23

    Chapter  Google Scholar 

  5. Kordy, B., Mauw, S., Radomirović, S., Schweitzer, P.: Attack-defense trees. J. Logic Comput. 24(1), 55–87 (2014)

    Article  MathSciNet  MATH  Google Scholar 

  6. Lenzini, G., Mauw, S., Ouchani, S.: Security analysis of socio-technical physical systems. Comput. Electr. Eng. 47, 258–274 (2015)

    Article  Google Scholar 

  7. Pinchinat, S., Acher, M., Vojtisek, D.: ATSyRa: an integrated environment for synthesizing attack trees. In: Mauw, S., Kordy, B., Jajodia, S. (eds.) GraMSec 2015. LNCS, vol. 9390, pp. 97–101. Springer, Heidelberg (2016). doi:10.1007/978-3-319-29968-6_7

    Chapter  Google Scholar 

  8. Schneier, B.: Attack trees. Dr. Dobb’s J. Softw. Tools 24(12), 21–29 (1999)

    Google Scholar 

  9. Schnoebelen, P.: The complexity of temporal logic model checking. Adv. Modal Logic 4(393–436), 35 (2002)

    Google Scholar 

  10. Stockmeyer, L.J.: The polynomial-time hierarchy. Theoret. Comput. Sci. 3(1), 1–22 (1976)

    Article  MathSciNet  MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. IRISA, Campus de Beaulieu, 35042, Rennes Cedex, France

    Maxime Audinot & Sophie Pinchinat

Authors
  1. Maxime Audinot
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sophie Pinchinat
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Maxime Audinot or Sophie Pinchinat .

Editor information

Editors and Affiliations

  1. INSA Rennes & IRISA, Rennes, France

    Barbara Kordy

  2. KTH Royal Institute of Technology , Stockholm, Sweden

    Mathias Ekstedt

  3. University of Canterbury , Christchurch, New Zealand

    Dong Seong Kim

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing AG

About this paper

Cite this paper

Audinot, M., Pinchinat, S. (2016). On the Soundness of Attack Trees. In: Kordy, B., Ekstedt, M., Kim, D. (eds) Graphical Models for Security. GraMSec 2016. Lecture Notes in Computer Science(), vol 9987. Springer, Cham. https://doi.org/10.1007/978-3-319-46263-9_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-46263-9_2

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-46262-2

  • Online ISBN: 978-3-319-46263-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation