Attack trees in Isabelle

Kammueller, Florian (2018) Attack trees in Isabelle. In: 20th International Conference on Information and Communications Security, ICICS 2018, 29-31 Oct 2018, Lille, France. (doi:10.1007/978-3-030-01950-1_36)

PDF - Final accepted version (with author's formatting)
Download (680kB) | Preview


In this paper, we present a proof theory for attack trees. Attack trees are a well established and useful model for the construction of attacks on systems since they allow a stepwise exploration of high level attacks in application scenarios. Using the expressiveness of Higher Order Logic in Isabelle, we succeed in developing a generic theory of attack trees with a state-based semantics based on Kripke structures and CTL. The resulting framework allows mechanically supported logic analysis of the meta-theory of the proof calculus of attack trees and at the same time the developed proof theory enables application to case studies. A central correctness and completeness result proved in Isabelle establishes a connection between the notion of attack tree validity and CTL. The application is illustrated on the example of a healthcare IoT system and GDPR compliance verification.

Item Type: Conference or Workshop Item (Paper)
Additional Information: Paper published as:
Kammüller F. (2018) Attack Trees in Isabelle. In: Naccache D. et al. (eds) Information and Communications Security. ICICS 2018. Lecture Notes in Computer Science, vol 11149. Springer, Cham
Research Areas: A. > School of Science and Technology > Computer Science
Item ID: 25875
Notes on copyright: This is a post-peer-review, pre-copyedit version of an paper published in Information and Communications Security: 20th International Conference, ICICS 2018, Lille, France, October 29-31, 2018, Proceedings. The final authenticated version is available online at:
Useful Links:
Depositing User: Florian Kammueller
Date Deposited: 03 Jan 2019 12:02
Last Modified: 22 Apr 2019 15:24

Actions (login required)

Edit Item Edit Item

Full text downloads (NB count will be zero if no full text documents are attached to the record)

Downloads per month over the past year