Abstract
Attack trees (ATs) are a popular formalism for security analysis, and numerous variations and tools have been developed around them. These were mostly developed independently, and offer little interoperability or ability to combine various AT features.We present ATTop, a software bridging tool that enables automated analysis of ATs using a model-driven engineering approach. ATTop fulfills two purposes: 1. It facilitates interoperation between several AT analysis methodologies and resulting tools (e.g., ATE, ATCalc, ADTool 2.0), 2. it can perform a comprehensive analysis of attack trees by translating them into timed automata and analyzing them using the popular model checker Uppaal, and translating the analysis results back to the original ATs. Technically, our approach uses various metamodels to provide a unified description of AT variants. Based on these metamodels, we perform model transformations that allow to apply various analysis methods to an AT and trace the results back to the AT domain. We illustrate our approach on the basis of a case study from the AT literature.
Original language | English |
---|---|
Title of host publication | Fundamental Approaches to Software Engineering |
Subtitle of host publication | FASE 2018 |
Editors | Alessandra Russo, Andreas Schürr |
Place of Publication | Cham |
Publisher | Springer |
Pages | 56-73 |
Number of pages | 18 |
ISBN (Electronic) | 9783319893631 |
ISBN (Print) | 9783319893624 |
DOIs | |
Publication status | Published - 4 Apr 2018 |
Event | International Conference on Fundamental Approaches to Software Engineering - Thessaloniki, Greece Duration: 16 Apr 2018 → 19 Apr 2018 https://link.springer.com/book/10.1007/978-3-319-89363-1 |
Publication series
Series | Lecture Notes in Computer Science |
---|---|
Volume | 10802 |
Conference
Conference | International Conference on Fundamental Approaches to Software Engineering |
---|---|
Abbreviated title | FASE 2018 |
Country | Greece |
City | Thessaloniki |
Period | 16/04/18 → 19/04/18 |
Internet address |