Attack Tree Analysis and Control Systems
Sunday, March 16th, 4:00pm - 5:00pm
This presentation will give a short introduction to the theory of attack trees. Several types of analysis will be demonstrated using an attack tree model that closely corresponds to the recent SANS ICS CyberAttack Video. There will also be a short description of the activities of NERC's Cyber Attack Task Force in creating attack tree models related to the integrity of the Bulk Power System.
Attack trees are graphical diagrams that describe various ways that adversaries can use to accomplish an attack. The trees use Boolean logic and other mathematics to describe how the effects of low level exploits (whose individual impacts are often insignificant) can combine to have serious effects on the target system. Attack tree analysis uses information about an adversary's resources and goals to predict which attacks are most likely (and what impact will be experienced by the victim).
Sun Mar 16th, 2014
4:00 PM - 5:00 PM