Does appropriate software support for target identification exist?

The paper deals with the evaluation and the selection of available software tools that can be utilized in solving problems related to the identification of the targets of malicious acts. The paper presents grant project requirements that focus on the development of methods for the target identification in the field of nuclear energy and critical infrastructure in the Czech Republic. The main requirements are related primarily to the modeling of unacceptable effects of malicious acts. Based on the project purposes, the specific requirements for software support for targets identification are defined. In the next step, the available methods and techniques such as event trees, fault trees and attack trees are introduced. After that there is a summary of available software tools focused on modeling and solving event, fault and attack trees. Individual software tools made by reputable producers are characterized in detail. Finally the paper compares the capability of available software tools with the specified requirements.

[1]  Richard F. Paige,et al.  Fault trees for security system design and analysis , 2003, Comput. Secur..

[2]  G. G. M. Cojazzi,et al.  On the use of non-coherent fault trees in safety and security studies , 2008, Reliab. Eng. Syst. Saf..

[3]  Irina Trubitsyna,et al.  Analyzing Security Scenarios Using Defence Trees and Answer Set Programming , 2008, Electron. Notes Theor. Comput. Sci..

[4]  Andreas L. Opdahl,et al.  Experimental comparison of attack trees and misuse cases for security threat identification , 2009, Inf. Softw. Technol..

[5]  G. Manimaran,et al.  PENET: A practical method and tool for integrated modeling of security attacks and countermeasures , 2009, Comput. Secur..

[6]  Karsten P. Ulland,et al.  Vii. References , 2022 .

[7]  Jan Willemson,et al.  Rational Choice of Security Measures Via Multi-parameter Attack Trees , 2006, CRITIS.

[8]  Clifton A. Ericson,et al.  Hazard Analysis Techniques for System Safety: Ericson/Hazard Analysis Techniques for System Safety , 2005 .

[9]  Igor Nai Fovino,et al.  Integrating cyber attacks within fault trees , 2009, Reliab. Eng. Syst. Saf..

[10]  Clifton A. Ericson,et al.  Hazard Analysis Techniques for System Safety , 2005 .

[11]  Mary Lynn Garcia,et al.  The Design and Evaluation of Physical Protection Systems , 2001 .

[12]  Ronald R. Yager OWA trees and their role in security modeling using attack trees , 2006, Inf. Sci..

[13]  Zhu Ning,et al.  Design and Application of Penetration Attack Tree Model Oriented to Attack Resistance Test , 2008, 2008 International Conference on Computer Science and Software Engineering.