Beyond 2014: Formal Methods for Attack Tree--based Security Modeling
W Wideł, M Audinot, B Fila, S Pinchinat - ACM Computing Surveys …, 2019 - dl.acm.org
Attack trees are a well established and commonly used framework for security modeling.
They provide a readable and structured representation of possible attacks against a system …
They provide a readable and structured representation of possible attacks against a system …
Timed automata as a formalism for expressing security: A survey on theory and practice
J Arcile, É André - ACM Computing Surveys, 2022 - dl.acm.org
Timed automata are a common formalism for the verification of concurrent systems subject to
timing constraints. They extend finite-state automata with clocks, that constrain the system …
timing constraints. They extend finite-state automata with clocks, that constrain the system …
Nodemedic: End-to-end analysis of node. js vulnerabilities with provenance graphs
Packages in the Node. js ecosystem often suffer from serious vulnerabilities such as
arbitrary command injection and code execution. Existing taint analysis tools fall short in …
arbitrary command injection and code execution. Existing taint analysis tools fall short in …
Exploiting attack–defense trees to find an optimal set of countermeasures
B Fila, W Wideł - 2020 IEEE 33rd computer security …, 2020 - ieeexplore.ieee.org
Selecting the most pertinent countermeasures to secure a system is one of the ultimate
goals of risk assessment. In this context, it is important to rely on modeling methods that the …
goals of risk assessment. In this context, it is important to rely on modeling methods that the …
Modelling and Analysing ERTMS L3 Moving Block Railway Signalling with Simulink and Uppaal SMC
Efficient and safe railway signalling systems, together with energy-saving infrastructures, are
among the main pillars to guarantee sustainable transportation. ERTMS L3 moving block is …
among the main pillars to guarantee sustainable transportation. ERTMS L3 moving block is …
Attribute evaluation on attack trees with incomplete information
Attack trees are considered a useful tool for security modelling because they support
qualitative as well as quantitative analysis. The quantitative approach is based on values …
qualitative as well as quantitative analysis. The quantitative approach is based on values …
On quantitative analysis of attack–defense trees with repeated labels
B Kordy, W Wideł - Principles of Security and Trust: 7th International …, 2018 - Springer
Ensuring security of complex systems is a difficult task that requires utilization of numerous
tools originating from various domains. Among those tools we find attack–defense trees, a …
tools originating from various domains. Among those tools we find attack–defense trees, a …
Is my attack tree correct?
M Audinot, S Pinchinat, B Kordy - … on Research in Computer Security, Oslo …, 2017 - Springer
Attack trees are a popular way to represent and evaluate potential security threats on
systems or infrastructures. The goal of this work is to provide a framework allowing to …
systems or infrastructures. The goal of this work is to provide a framework allowing to …
Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis
Systems that integrate cyber and physical aspects to create cyber-physical systems (CPS)
are becoming increasingly complex, but demonstrating the security of CPS is hard and …
are becoming increasingly complex, but demonstrating the security of CPS is hard and …
[PDF][PDF] Effective analysis of attack trees: A model-driven approach
Attack trees (ATs) are a popular formalism for security analysis, and numerous variations
and tools have been developed around them. These were mostly developed independently …
and tools have been developed around them. These were mostly developed independently …