 Integrating cyber attacks within fault treesIgor Nai Fovino, Marcelo Masera and Alessio De Cian Reliability Engineering and System Safety, 2009, vol. 94, issue 9, 1394-1402 Abstract: In this paper, a new method for quantitative security risk assessment of complex systems is presented, combining fault-tree analysis, traditionally used in reliability analysis, with the recently introduced Attack-tree analysis, proposed for the study of malicious attack patterns. The combined use of fault trees and attack trees helps the analyst to effectively face the security challenges posed by the introduction of modern ICT technologies in the control systems of critical infrastructures. The proposed approach allows considering the interaction of malicious deliberate acts with random failures. Formal definitions of fault tree and attack tree are provided and a mathematical model for the calculation of system fault probabilities is presented. Keywords: Security; Risk assessment; Fault tree; Attack tree (search for similar items in EconPapers) Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:eee:reensy:v:94:y:2009:i:9:p:1394-1402 DOI: 10.1016/j.ress.2009.02.020 Access Statistics for this article Reliability Engineering and System Safety is currently edited by Carlos Guedes Soares More articles in Reliability Engineering and System Safety from Elsevier |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.