Attribute Repair for Threat Prevention

Thorsten Tarrach; Ebrahimi Masoud; Sandra König; Christoph Schmittner; Roderick Bloem; Dejan Nickovic

doi:10.1007/978-3-031-40923-3_11

Attribute Repair for Threat Prevention

Thorsten Tarrach
, Ebrahimi Masoud (Autor:in und Vortragende:r)
, Sandra König
, Christoph Schmittner
, Roderick Bloem
, Dejan Nickovic (Vortragende:r)

Graz University of Technology

Publikation: Beitrag in Buch oder Tagungsband › Vortrag mit Beitrag in Tagungsband › Begutachtung

Abstract

We propose a model-based procedure for preventing security threats using formal models. We encode system models and threats as satisfiability modulo theory (SMT) formulas. This model allows us to ask security questions as satisfiability queries. We formulate threat prevention as an optimization problem over the same formulas. The outcome of our threat prevention procedure is a suggestion of model attribute repair that eliminates threats. We implement our approach using the state-of-the-art Z3 SMT solver and interface it with the threat analysis tool THREATGET. We demonstrate the value of our procedure in two case studies from automotive and smart home domains.

Originalsprache	Englisch
Titel	Computer Safety, Reliability, and Security - 42nd International Conference, SAFECOMP 2023, Toulouse, France, September 20-22, 2023, Proceedings
Seiten	135-148
Seitenumfang	14
Band	14181
ISBN (elektronisch)	978-3-031-40923-3
DOIs	https://doi.org/10.1007/978-3-031-40923-3_11
Publikationsstatus	Veröffentlicht - 20 Sept. 2023
Veranstaltung	SAFECOMP 2023: 42nd International Conference on Computer Safety, Reliability and Security: DECSoS 2023: 18th International Workshop on Dependable Smart Embedded Cyber-Physical Systems and Systems-of-Systems - Toulouse, Toulouse, Frankreich Dauer: 19 Sept. 2023 → 22 Sept. 2023 https://safecomp2023.cnrs.fr/workshops/

Workshop

Workshop	SAFECOMP 2023: 42nd International Conference on Computer Safety, Reliability and Security
Land/Gebiet	Frankreich
Stadt	Toulouse
Zeitraum	19/09/23 → 22/09/23
Internetadresse	https://safecomp2023.cnrs.fr/workshops/

Research Field

Dependable Systems Engineering

Zugriff auf Dokument

10.1007/978-3-031-40923-3_11

Diese Publikation zitieren

@inproceedings{590e81e0dc5544cdbbfd9bd3ae8366af,

title = "Attribute Repair for Threat Prevention",

abstract = "We propose a model-based procedure for preventing security threats using formal models. We encode system models and threats as satisfiability modulo theory (SMT) formulas. This model allows us to ask security questions as satisfiability queries. We formulate threat prevention as an optimization problem over the same formulas. The outcome of our threat prevention procedure is a suggestion of model attribute repair that eliminates threats. We implement our approach using the state-of-the-art Z3 SMT solver and interface it with the threat analysis tool THREATGET. We demonstrate the value of our procedure in two case studies from automotive and smart home domains.",

author = "Thorsten Tarrach and Ebrahimi Masoud and Sandra K{\"o}nig and Christoph Schmittner and Roderick Bloem and Dejan Nickovic",

year = "2023",

month = sep,

day = "20",

doi = "10.1007/978-3-031-40923-3\_11",

language = "English",

isbn = "\{978-3-031-40922-6",

volume = "14181",

pages = "135--148",

booktitle = "Computer Safety, Reliability, and Security - 42nd International Conference, SAFECOMP 2023, Toulouse, France, September 20-22, 2023, Proceedings",

note = "SAFECOMP 2023: 42nd International Conference on Computer Safety, Reliability and Security : DECSoS 2023: 18th International Workshop on Dependable Smart Embedded Cyber-Physical Systems and Systems-of-Systems ; Conference date: 19-09-2023 Through 22-09-2023",

url = "https://safecomp2023.cnrs.fr/workshops/",

}

Tarrach, T, Masoud, E, König, S, Schmittner, C, Bloem, R & Nickovic, D 2023, Attribute Repair for Threat Prevention. in Computer Safety, Reliability, and Security - 42nd International Conference, SAFECOMP 2023, Toulouse, France, September 20-22, 2023, Proceedings. Bd. 14181, S. 135-148, SAFECOMP 2023: 42nd International Conference on Computer Safety, Reliability and Security, Toulouse, Frankreich, 19/09/23. https://doi.org/10.1007/978-3-031-40923-3_11

Attribute Repair for Threat Prevention. / Tarrach, Thorsten; Masoud, Ebrahimi (Autor:in und Vortragende:r); König, Sandra et al.
Computer Safety, Reliability, and Security - 42nd International Conference, SAFECOMP 2023, Toulouse, France, September 20-22, 2023, Proceedings. Band 14181 2023. S. 135-148.

Publikation: Beitrag in Buch oder Tagungsband › Vortrag mit Beitrag in Tagungsband › Begutachtung

TY - GEN

T1 - Attribute Repair for Threat Prevention

AU - Tarrach, Thorsten

AU - König, Sandra

AU - Schmittner, Christoph

AU - Bloem, Roderick

A2 - Masoud, Ebrahimi

A2 - Nickovic, Dejan

PY - 2023/9/20

Y1 - 2023/9/20

N2 - We propose a model-based procedure for preventing security threats using formal models. We encode system models and threats as satisfiability modulo theory (SMT) formulas. This model allows us to ask security questions as satisfiability queries. We formulate threat prevention as an optimization problem over the same formulas. The outcome of our threat prevention procedure is a suggestion of model attribute repair that eliminates threats. We implement our approach using the state-of-the-art Z3 SMT solver and interface it with the threat analysis tool THREATGET. We demonstrate the value of our procedure in two case studies from automotive and smart home domains.

AB - We propose a model-based procedure for preventing security threats using formal models. We encode system models and threats as satisfiability modulo theory (SMT) formulas. This model allows us to ask security questions as satisfiability queries. We formulate threat prevention as an optimization problem over the same formulas. The outcome of our threat prevention procedure is a suggestion of model attribute repair that eliminates threats. We implement our approach using the state-of-the-art Z3 SMT solver and interface it with the threat analysis tool THREATGET. We demonstrate the value of our procedure in two case studies from automotive and smart home domains.

U2 - 10.1007/978-3-031-40923-3_11

DO - 10.1007/978-3-031-40923-3_11

M3 - Conference Proceedings with Oral Presentation

SN - {978-3-031-40922-6

VL - 14181

SP - 135

EP - 148

BT - Computer Safety, Reliability, and Security - 42nd International Conference, SAFECOMP 2023, Toulouse, France, September 20-22, 2023, Proceedings

T2 - SAFECOMP 2023: 42nd International Conference on Computer Safety, Reliability and Security

Y2 - 19 September 2023 through 22 September 2023

ER -

Attribute Repair for Threat Prevention

Abstract

Workshop

Research Field

Zugriff auf Dokument

Fingerprint

Diese Publikation zitieren