Text size
  • Small
  • Medium
  • Large
  • Standard
  • Blue text on blue
  • High contrast (Yellow text on black)
  • Blue text on beige

    CPS Security Assessment using Automatically Generated Attack Trees

    5th International Symposium for ICS & SCADA Cyber Security Research 2018 (ICS-CSR 2018)

    29 - 30 August 2018, University of Hamburg, Germany.


    Wouter Depamelaere, Laurens Lemaire, Jan Vossaert & Vincent Naessens



    Over the last decades, cyber-physical systems have evolved from isolated to complex interconnected systems that are remotely accessible. This made them easier to attack, especially since they often contain legacy components with known vulnerabilities. This paper presents a methodology to assess the security of a cyber-physical system. It automatically generates attack trees based on the system architecture. The generated attack trees are processed to provide both technical and non-technical feedback. The assessor can define different attacker models to asses the security of the system with respect to different types of attackers. The methodology is validated by providing tool support and applying it to an example ICS.


    PDF file PDF Version of this Paper 497(kb)