Learn More
Attack modeling has recently been adopted by security analysts as a useful tool in risk assessment of cyber-physical systems. We propose in this paper to model the Stuxnet attack with BDMP (Boolean logic Driven Markov Processes) formalism and to show the advantages of such modeling. After a description of the architecture targeted by Stuxnet, we explain the(More)
This paper presents the current state of the art on attack and defense modeling approaches that are based on directed acyclic graphs (DAGs). DAGs allow for a hierarchical decomposition of complex scenarios into simple, easily understandable and quantifiable actions. Methods based on threat trees and Bayesian networks are two well-known approaches to(More)
Boolean logic Driven Markov Processes (BDMP) are a powerful modeling tool used in the reliability and safety domains. We propose to take advantage of their capabilities to go beyond the traditional techniques used to model attack scenarios. In particular we show how this new approach can be seen as preferable to attack trees and Petri net-based methods.(More)
This article focuses on cryptographic key management systems (KMS) for SCADA systems environments. It first gives a generic view on the constraints, requirements and desired technical properties in SCADA contexts. Then, the most widespread solutions are presented, before discussing how they meet such conditions. The work done by different initiatives on(More)
Security Safety Risk analysis Ambiguities A B S T R A C T The meaning of the terms " security " and " safety " varies considerably from one context to another, leading to potential ambiguities. These ambiguities are very problematic in the critical infrastructure protection domain, which involves multiple actors and engineering disciplines. Avoiding(More)
— Safety and security issues are increasingly converging on the same critical systems, leading to new situations in which these closely interdependent notions should now be considered together. Indeed, the related requirements, technical and organizational measures can have various interactions and side-effects ranging from mutual reinforcements to complete(More)
This paper discusses the implementation and use of the BDMP (Boolean logic Driven Markov Processes) formalism, recently adapted to graphical attack modeling. Theoretically, it offers an attractive trade-off between readability, scalability, modeling power and quantification capabilities. In practice, efficient model construction and analysis need(More)