Attack trees are a well-known methodology to describe the possible security weaknesses of a system. An attack tree basically consists of a description of an attacker’s goals and their refinement into sub-goals. We believe that attack trees provide an ideal systematic approach for security assessment.
Due to their intuitive nature, attack trees are already one of several tools in security assessment. However, significant development of the methodology is needed before all potential benefits can be taken advantage of.
The following researchers are involved in the project:
The project is funded by the Fonds National de la Recherche Luxembourg (FNR), through the following grants: