Abstract
A \(\mathtt {SAND}\) attack tree is a graphical model decomposing an attack scenario into basic actions to be executed by the attacker. \(\mathtt {SAND}\) attack trees extend classical attack trees by including the sequential conjunctive operator (\(\mathtt {SAND}\)) to the formalism. They thus allow to differentiate actions that need to be executed sequentially from those that can be performed in parallel. Since several structurally different \(\mathtt {SAND}\) attack trees can represent the same attack scenario, it is important to be able to decide which \(\mathtt {SAND}\) attack trees are equivalent.
SPTool is free, open source software for checking equivalence of \(\mathtt {SAND}\) attack trees and computing their canonical forms. It relies on term rewriting techniques and an equational theory axiomatizing SAND attack trees.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Amenaza: SecurITree. http://www.amenaza.com/SS-what_is.php (2001–2012)
Clavel, M., Durán, F., Eker, S., Lincoln, P., Martí-Oliet, N., Meseguer, J., Talcott, C.: All About Maude - A High-performance Logical Framework: How to Specify Program and Verify Systems in Rewriting Logic, vol. 4350. Springer, Heidelberg (2007)
Gadyatskaya, O., Jhawar, R., Kordy, P., Lounis, K., Mauw, S., Trujillo-Rasua, R.: Attack trees for practical security assessment: ranking of attack scenarios with ADTool 2.0. In: Agha, G., Houdt, B. (eds.) QEST 2016. LNCS, vol. 9826, pp. 159–162. Springer, Cham (2016). doi:10.1007/978-3-319-43425-4_10
Isograph: AttackTree+. http://www.isograph.com/software/attacktree/
Jhawar, R., Kordy, B., Mauw, S., Radomirović, S., Trujillo-Rasua, R.: Attack trees with sequential conjunction. In: Federrath, H., Gollmann, D. (eds.) SEC 2015. IAICT, vol. 455, pp. 339–353. Springer, Cham (2015). doi:10.1007/978-3-319-18467-8_23
Kordy, B., Mauw, S., Radomirovic, S., Schweitzer, P.: Attack-defense trees. J. Log. Comput. 24(1), 55–87 (2014)
Kordy, B., Piètre-Cambacédès, L., Schweitzer, P.: DAG-based attack and defense modeling: don’t miss the forest for the attack trees. Comput. Sci. Rev. 13–14, 1–38 (2014)
Kordy, B., Pouly, M., Schweitzer, P.: Probabilistic reasoning with graphical security models. Inf. Sci. 342, 111–131 (2016)
Mauw, S., Oostdijk, M.: Foundations of attack trees. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 186–198. Springer, Heidelberg (2006). doi:10.1007/11734727_17
Paul, S.: Towards automating the construction maintenance of attack trees: a feasibility study. In: Kordy, B., Mauw, S., Pieters, W. (eds.) GraMSec 2014, EPTCS, vol. 148, pp. 31–46 (2014)
Pinchinat, S., Acher, M., Vojtisek, D.: ATSyRa: an integrated environment for synthesizing attack trees. In: Mauw, S., Kordy, B., Jajodia, S. (eds.) GraMSec 2015. LNCS, vol. 9390, pp. 97–101. Springer, Cham (2016). doi:10.1007/978-3-319-29968-6_7
Acknowledgments
The research leading to these results has received funding from the EU Seventh Framework Programme (TREsPASS, grant number 318003) and from FNR Luxembourg (ADT2P, grant number C13/IS/5809105).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Kordy, B., Kordy, P., van den Boom, Y. (2017). SPTool – Equivalence Checker for \(\mathtt {SAND}\) Attack Trees. In: Cuppens, F., Cuppens, N., Lanet, JL., Legay, A. (eds) Risks and Security of Internet and Systems. CRiSIS 2016. Lecture Notes in Computer Science(), vol 10158. Springer, Cham. https://doi.org/10.1007/978-3-319-54876-0_8
Download citation
DOI: https://doi.org/10.1007/978-3-319-54876-0_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-54875-3
Online ISBN: 978-3-319-54876-0
eBook Packages: Computer ScienceComputer Science (R0)